2 matches found
CVE-2024-47578 Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services)
Adobe Document Service allows an attacker with administrator privileges to send a crafted request from a vulnerable web application. It is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side...
GHSA-9XGJ-FCGF-X6MW Poetry Argument Injection can lead to Local Code Execution
Observation When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as git clone. These commands are being constructed using user input e.g. the repository URL. When building the commands, Poetry correctly avoids Command Injection...