2 matches found
python: mailcap: findmatch() function does not sanitize the second argument
A command injection vulnerability was found in the Python mailcap module. The issue occurs due to not adding escape characters into the system mailcap file commands. This flaw allows attackers to inject shell commands into applications that call the mailcap.findmatch function with untrusted input...
CLSA-2022-1658347450 Fixed CVE-2015-20170 in python2-4.module_el8.4.0+2071+0b56c8de.tuxcare.els3
CVE-2015-20170: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...