8 matches found
EUVD-2019-0132
Malware in sbrugna...
sqla-yaml-fixtures is vulnerable to Code Injection
Sqlayamlfixtures versions up to 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...
CVE-2019-3575
Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...
CVE-2019-3575
Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...
Code injection
Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...
PYSEC-2019-52
Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...
CVE-2019-3575
Sqla_yaml_fixtures up to version 0.9.1 is vulnerable to code injection: the fixture_text argument passed to sqla_yaml_fixtures.load can execute arbitrary Python code. Root cause is unsafe use of yaml.load. Impact is local code execution with high risk; remediation details are not provided in the ...
CVE-2019-3575
Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...