Lucene search
K

4 matches found

NVD
NVD
added 2023/06/23 10:15 p.m.47 views

CVE-2023-35932

jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...

8.8CVSS8AI score0.01841EPSS
Exploits0References2
CVE
CVE
added 2023/06/23 9:5 p.m.64 views

CVE-2023-35932

CVE-2023-35932 (jcvi) : The jcvi Python library is vulnerable to a configuration injection via unsanitized user input that reaches the configuration file (notably ~/.jcvirc). The issue centers on the code path in jcvi/apps/base.py where a user-provided value is stored as a path for binaries; unde...

8.8CVSS8.4AI score0.01841EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/23 9:5 p.m.12 views

CVE-2023-35932 jcvi vulnerable to Configuration Injection due to unsanitized user input

jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...

7.1CVSS8AI score0.01841EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/06/23 9:5 p.m.50 views

CVE-2023-35932 jcvi vulnerable to Configuration Injection due to unsanitized user input

jcvi is a Python library to facilitate genome assembly, annotation, and comparative genomics. A configuration injection happens when user input is considered by the application in an unsanitized format and can reach the configuration file. A malicious user may craft a special payload that may lea...

7.1CVSS9.5AI score0.01841EPSS
Exploits0References2
Rows per page
Query Builder