CVE-2019-7537

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

EUVD-2019-0046

Malware in sbrugna...

Donfig Command Injection in collect_yaml method

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

GHSA-3QR5-H7W4-3GX3 Donfig Command Injection in collect_yaml method

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

Arbitrary Command Execution

donfig is vulnerable to arbitrary command execution. The collectyaml function in configobj.py does not prevent the loading of unsafe .yaml files provided by the user or by third-party packages, allowing for arbitrary code execution...

CVE-2019-7537

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

CVE-2019-7537

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

Design/Logic Flaw

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

PYSEC-2019-21

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

PYSEC-2019-91

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

PYSEC-2019-21

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...

CVE-2019-7537

Donfig 0.3.0 is affected by a command-injection in the collect_yaml method of config_obj.py. Multiple connected sources (RH/CVE-2019-7537, OSV/GHSA-3QR5-H7W4-3GX3, Veracode, NVD) confirm that loading user-provided YAML can lead to arbitrary Python execution, enabling potential remote command exec...

CVE-2019-7537

An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collectyaml method in configobj.py. It can execute arbitrary Python commands, resulting in command execution...