3 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-35196
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a crafted settings.pickle file in a project file, because there is insecure...
CVE-2021-35196
Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a crafted settings.pickle file in a project file, because there is insecure deserialization via the pickle.load function in settings.py. NOTE: the vendor's position is that the product is not intended for opening an...
CVE-2021-35196
Manuskript ≤ 0.12.0 is affected by insecure deserialization via pickle.load() in settings.py, enabling remote code execution through a crafted settings.pickle inside a project file. The vendor notes the product is not intended for untrusted project files. Exploitation details, affected components...