12 matches found
EUVD-2020-0101
Malware in sbrugna...
CVE-2020-15271
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
Markdown-supplied Shell Command Execution
Impact lookatme versions prior to 2.3.0 automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. Patches Users should upgrade to lookatme versions 2.3.0 or...
lookatme OS Command Injection Vulnerability
lookatme is a terminal-based, interactive pypi codebase for markdown presentations for individual developers. An operating system command injection vulnerability exists in lookatme python/pypi package versions prior to 2.3.0, which can be exploited by an attacker to automatically run malicious...
DEBIAN-CVE-2020-15271
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
CVE-2020-15271
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
PYSEC-2020-61
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
Code injection
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
PYSEC-2020-61
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
CVE-2020-15271 Shell Command Execution in lookatme
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...
CVE-2020-15271
In lookatme (Python/pypi) versions prior to 2.3.0, the package automatically loaded the built-in terminal and file_loader extensions. Rendering untrusted Markdown could cause malicious shell commands to run on the user’s system. This is fixed in version 2.3.0. As a workaround, the files lookatme/...
CVE-2020-15271
In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...