19 matches found
CVE-2022-27177
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...
EUVD-2024-1380
Malicious code in bioql PyPI...
EUVD-2022-0046
Malicious code in bioql PyPI...
Command Injection
consoleme is vulnerable to Command Injection. The vulnerability is due to improper neutralization of special elements used in a command, potentially allowing an attacker to inject and execute arbitrary commands via an argument flag...
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command
ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...
CVE-2024-5023
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Netflix ConsoleMe allows Command Injection.This issue affects ConsoleMe: before 1.4.0...
CVE-2024-5023 Arbitrary File Read Vulnerability in ConsoleMe via Limited Git command RCE
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Netflix ConsoleMe allows Command Injection.This issue affects ConsoleMe: before 1.4.0...
CVE-2024-5023
CVE-2024-5023 affects Netflix ConsoleMe prior to 1.4.0. Root cause: improper neutralization of special elements used in a command within Template resources flow, enabling command execution via crafted inputs. Documentation indicates authenticated users can achieve limited remote code execution co...
CVE-2024-5023 Arbitrary File Read Vulnerability in ConsoleMe via Limited Git command RCE
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Netflix ConsoleMe allows Command Injection.This issue affects ConsoleMe: before 1.4.0...
Netflix ConsoleMe 安全漏洞
ConsoleMe is a web service that makes AWS IAM rights and credentials management easier for end users and cloud administrators. A security vulnerability exists in Netflix ConsoleMe versions prior to 1.4.0 that stems from incorrect neutralization of special elements used in commands, resulting in...
Remote Code Execution
consoleme is vulnerable to remote code execution. A remote attacker is able to upload and execute malicious code and gain access to sensitive user information on the targeted system due to a python format string issue in iterateandformatdict function...
GHSA-74W3-2R77-FW5H Use of Externally-Controlled Format String in consoleme
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...
Use of Externally-Controlled Format String in consoleme
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...
CVE-2022-27177
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...
Format string
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...
PYSEC-2022-189
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...
CVE-2022-27177
The CVE-2022-27177 issue affects ConsoleMe. A Python format-string vulnerability (externally controlled) in the code path related to formatting dictionaries (iterate_and_format_dict) can lead to information disclosure and, in some cases, remote code execution for all versions before 1.2.2. Docume...
CVE-2022-27177
A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...
ConsoleMe 格式化字符串错误漏洞
ConsoleMe is a web service that makes AWS IAM rights and credential management easier for end users and cloud administrators. A security vulnerability exists in ConsoleMe versions prior to 1.2.2 that stems from a Python format string issue...