Lucene search
+L

10 matches found

CNNVD
CNNVD
added 2026/05/26 12:0 a.m.12 views

mistune 跨站脚本漏洞

Mistune is a fast and powerful Python Markdown parser developed by Hsiaoming Yang. Versions of Mistune prior to 3.2.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of Python format strings to insert id and text values into tags without proper HTML escapin...

6.1CVSS5.8AI score0.00228EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:49 a.m.5 views

CVE-2022-27177

A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...

9.8CVSS7.5AI score0.02139EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-0046

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02139EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-2467

Malicious code in bioql PyPI...

7.7CVSS7.5AI score0.00519EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 4:15 a.m.8 views

CVE-2023-41050

AccessControl provides a general security framework for use in Zope. Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use...

7.7CVSS7AI score0.00519EPSS
Exploits0
OSV
OSV
added 2023/09/07 12:56 p.m.18 views

GHSA-8XV7-89VJ-Q48C Information disclosure in AccessControl

Impact Python's "format" functionality allows someone controlling the format string to "read" objects accessible recursively via attribute access and subscription from accessible objects. Those attribute accesses and subscriptions use Python's full blown getattr and getitem, not the policy...

6.8CVSS7AI score0.00519EPSS
Exploits0References4
Veracode
Veracode
added 2022/04/04 5:48 a.m.29 views

Remote Code Execution

consoleme is vulnerable to remote code execution. A remote attacker is able to upload and execute malicious code and gain access to sensitive user information on the targeted system due to a python format string issue in iterateandformatdict function...

9.8CVSS3.8AI score0.02139EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/04/01 11:15 p.m.4 views

CVE-2022-27177

A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...

9.8CVSS7.8AI score0.02139EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/04/01 11:15 p.m.1 views

CVE-2022-27177

A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to 1.2.2...

9.8CVSS7.8AI score0.02139EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/01 12:0 a.m.5 views

ConsoleMe 格式化字符串错误漏洞

ConsoleMe is a web service that makes AWS IAM rights and credential management easier for end users and cloud administrators. A security vulnerability exists in ConsoleMe versions prior to 1.2.2 that stems from a Python format string issue...

9.8CVSS8.2AI score0.02139EPSS
Exploits0References2
Rows per page
Query Builder