Lucene search
K

10 matches found

Mageia
Mageia
added 2024/09/25 6:8 p.m.20 views

Updated python-astropy packages fix security vulnerability

Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a command or a script file as a value to the savelayout argument, which will be placed as the first value in a...

8.4CVSS7.7AI score0.01124EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2024-d8ac19de55)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS8.5AI score0.01124EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.9 views

Fedora: Security Advisory (FEDORA-2024-d329148f1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS8.5AI score0.01124EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/07/05 12:0 a.m.10 views

Fedora 40 : python-astropy (2024-d329148f1e)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d329148f1e advisory. Security fix for CVE-2023-41334 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

8.4CVSS7.8AI score0.01124EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2024/03/20 3:50 a.m.4 views

SUSE CVE-2023-41334

Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a...

8.4CVSS8.2AI score0.01124EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2024/03/18 8:26 p.m.6 views

aimapper (=0.1.0), aimfast (>=0.1.0 <=1.3.3) +237 more potentially affected by CVE-2023-41334 via astropy (>=1.2.1 <=5.3.2)

astropy PYPI version =1.2.1, =0.1.0, =0.2.0, =0.2.2, =0.7.1, =2.5.0, =0.0.3, =0.0.1, =1.0.1, =0.3.0, =0.0.2, =1.0.0, =1.4.0 and more Source cves: CVE-2023-41334 Source advisory: OSV:GHSA-H2X6-5JX5-46HF...

8.4CVSS7.2AI score0.01124EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2024/03/18 7:15 p.m.9 views

CVE-2023-41334

Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a...

8.4CVSS7.7AI score0.01124EPSS
Exploits1References3
CVE
CVE
added 2024/03/18 6:48 p.m.79 views

CVE-2023-41334

CVE-2023-41334 affects Astropy core package version 5.3.2, with remote code execution due to improper input validation in TranformGraph().to_dot_graph. A crafted savelayout value can be injected into subprocess.Popen, causing the malicious command to execute despite an error. The issue is fixed i...

8.4CVSS8.6AI score0.01124EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2024/03/18 6:48 p.m.26 views

CVE-2023-41334

Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a...

8.4CVSS8.5AI score0.01124EPSS
Exploits1
Circl
Circl
added 2024/03/18 5:34 p.m.8 views

CVE-2023-41334

creationtimestamp| type| source ---|---|--- 2024-03-18 17:34:58+00:00| published-proof-of-concept| https://github.com/astropy/astropy/security/advisories/GHSA-h2x6-5jx5-46hf 2024-03-18 20:26:38+00:00| seen| https://t.me/ctinow/210904 2024-03-18 20:26:58+00:00| seen| https://t.me/ctinow/210922...

8.4CVSS7.2AI score0.01124EPSS
Exploits1References3
Rows per page
Query Builder