EUVD-2022-0047

Malicious code in bioql PyPI...

Exploit for Cross-site Scripting in Exclusiveaddons Exclusive_Addons_For_Elementor

Cookiecutter POC Template A minimal Python cookiecutter templ...

Linux Distros Unpatched Vulnerability : CVE-2022-24065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code wit...

@backstage/plugin-scaffolder-backend (>=0.0.0-nightly-2021712211 <=0.15.24-next.0), @backstage/plugin-scaffolder-backend-module-confluence-to-markdown (>=0.0.0-nightly-20230325022054 <=0.0.0-nightly-20230801022410) +8 more potentially affected by CVE-2023-35926 via @backstage/plugin-scaffolder-backend (>=0.0.0-nightly-20220708025041 <=0.18.0)

@backstage/plugin-scaffolder-backend NPM version =0.0.0-nightly-20220708025041, =0.0.0-nightly-2021712211, =0.0.0-nightly-20230325022054, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-20230112022659, =0.0.0-nightly-2022122206, =1.0.8, =1.0.0, =1.0.0, =2.2.0 -...

Mageia: Security Advisory (MGASA-2022-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated python-coookiecutter packages fix security vulnerability

Command Injection via hg argument CVE-2022-24065...

MGASA-2022-0258 Updated python-coookiecutter packages fix security vulnerability

Command Injection via hg argument CVE-2022-24065...

Command Injection:

Description cookiecutter is a command-line utility that creates projects from cookiecutters. Affected versions of this package are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg...

[SECURITY] Fedora 35 Update: python-cookiecutter-2.1.1-1.fc35

A command-line utility that creates projects from cookiecutters project templates, e.g. creating a Python package project from a Python package project template...

Fedora: Security Advisory for python-cookiecutter (FEDORA-2022-4a3d83a1d2)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for python-cookiecutter (FEDORA-2022-ff1c98b2fe)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

agogosml-cli (=0.1.2), anyforce (>=0.2.6 <=0.3.12) +198 more potentially affected by CVE-2022-24065 via cookiecutter (>=1.0.0 <=1.7.3)

cookiecutter PYPI version =1.0.0, =0.2.6, =0.2.0, =1.7.1, =0.2.0, =0.1.0, =0.17.0, =0.10.48, =0.1.0, =0.0.4, =0.2.1, =1.0.3 and more Source cves: CVE-2022-24065 Source advisory: OSV:GHSA-F4Q6-9QM4-H8J4...

GHSA-F4Q6-9QM4-H8J4 OS Command Injection in cookiecutter

The package cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...

OS Command Injection in cookiecutter

The package cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...

CVE-2022-24065

The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...

DEBIAN-CVE-2022-24065

The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...

CVE-2022-24065

The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...

agogosml-cli (=0.1.2), anyforce (>=0.2.6 <=0.3.12) +198 more potentially affected by CVE-2022-24065 via cookiecutter (>=1.0.0 <=1.7.3)

cookiecutter PYPI version =1.0.0, =0.2.6, =0.2.0, =1.7.1, =0.2.0, =0.1.0, =0.17.0, =0.10.48, =0.1.0, =0.0.4, =0.2.1, =1.0.3 and more Source cves: CVE-2022-24065 Source advisory: OSV:PYSEC-2022-204...

Command injection

The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...

PYSEC-2022-204

The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...