2 matches found
CVE-2019-17526
An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an import'os'.popen'whoami'.read...
CVE-2019-17526
SageMath Sage Cell Server is affected by a Python code injection vulnerability (CVE-2019-17526) in internet-facing web applications, demonstrated by import ('os').popen('whoami').read(). The issue is described across multiple sources (NVD, Red Hat, CNVD, Veracode, CVE list, etc.) as allowing arbi...