2 matches found
EUVD-2023-37371
Malicious code in bioql PyPI...
CVE-2024-41799 tgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned users
tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path" privilege could potentially set malicious .dme files existing on the host machine to be compiled and executed. These .dme files could be uploaded via...