2 matches found
CVE-2020-7698
CVE-2020-7698 affects the Gerapy package (versions 0 through before 0.9.3). The vulnerability is a command injection: user input processed by the project_configure endpoint is passed to Popen without proper sanitization, enabling potential remote/external execution. Connected documents corroborat...
CVE-2020-7698 Command Injection
This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the projectconfigure endpoint, isn’t being sanitized...