EUVD-2023-0292

Malicious code in bioql PyPI...

EUVD-2023-57872

Malicious code in bioql PyPI...

CVE-2023-5576

The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 0.9.91 via Google Drive API secrets stored in plaintext in the publicly visible plugin source. This could allow unauthenticated attackers to impersonate...

Fedora 40 : PyDrive2 (2023-392085b92b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-392085b92b advisory. Automatic update for PyDrive2-1.18.0-1.fc40. Changelog Thu Dec 7 2023 Mikel Olasagasti Uranga - 1.18.0-1 - Update to 1.18.0 - Closes rhbz2253086 rhbz2253467...

Fedora: Security Advisory for PyDrive2 (FEDORA-2023-21d2191c73)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2023-8e70979de3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: PyDrive2-1.18.0-1.fc39

Google Drive API Python wrapper library. Maintained fork of PyDrive...

Fedora 39 : PyDrive2 (2023-8e70979de3)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8e70979de3 advisory. Update to 1.18 and security fix for CVE-2023-49297 Tenable has extracted the preceding description block directly from the Fedora security advisory...

Fedora 38 : PyDrive2 (2023-21d2191c73)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-21d2191c73 advisory. Update to 1.18 and security fix for CVE-2023-49297 Tenable has extracted the preceding description block directly from the Fedora security advisory...

CVE-2023-49297

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

Directory traversal

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

PYSEC-2023-291

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

CVE-2023-49297 Unsafe YAML deserialization in PyDrive2

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

CVE-2023-49297

Removed by vendor...

CVE-2023-49297 Unsafe YAML deserialization in PyDrive2

PyDrive2 is a wrapper library of google-api-python-client that simplifies many common Google Drive API V2 tasks. Unsafe YAML deserilization will result in arbitrary code execution. A maliciously crafted YAML file can cause arbitrary code execution if PyDrive2 is run in the same directory as it, o...

CVE-2023-49297

PyDrive2 contains an unsafe YAML deserialization vulnerability that allows arbitrary code execution when a malicious YAML file is present in the same directory or loaded via LoadSettingsFile during GoogleAuth initialization. The issue affects PyDrive2 prior to the fixed release, with a commit c57...

WordPress Migration, Backup, Staging - WPvivid Plugin < 0.9.92 Information Disclosure Vulnerability

The WordPress plugin Migration, Backup, Staging - WPvivid is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifie...

CVE-2023-5576

The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 0.9.91 via Google Drive API secrets stored in plaintext in the publicly visible plugin source. This could allow unauthenticated attackers to impersonate...

Design/Logic Flaw

The Migration, Backup, Staging - WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 0.9.91 via Google Drive API secrets stored in plaintext in the publicly visible plugin source. This could allow unauthenticated attackers to impersonate...

CVE-2023-5576

The WPvivid Migration, Backup, Staging plugin for WordPress is affected by CVE-2023-5576, with Google Drive API secrets stored in plaintext in the plugin source up to version 0.9.91. This could allow unauthenticated attackers to impersonate the WPvivid Google Drive account via the API if a user i...