4 matches found
CVE-2023-35932
jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...
CVE-2023-35932
CVE-2023-35932 (jcvi) : The jcvi Python library is vulnerable to a configuration injection via unsanitized user input that reaches the configuration file (notably ~/.jcvirc). The issue centers on the code path in jcvi/apps/base.py where a user-provided value is stored as a path for binaries; unde...
CVE-2023-35932 jcvi vulnerable to Configuration Injection due to unsanitized user input
jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...
CVE-2023-35932 jcvi vulnerable to Configuration Injection due to unsanitized user input
jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...