9 matches found
Updated python-astropy packages fix security vulnerability
Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a command or a script file as a value to the savelayout argument, which will be placed as the first value in a...
SUSE CVE-2023-41334
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a...
RCE in TranformGraph().to_dot_graph function
Summary RCE due to improper input validation in TranformGraph.todotgraph function Details Due to improper input validation a malicious user can provide a command or a script file as a value to savelayout argument, which will be placed as the first value in a list of arguments passed to...
GHSA-H2X6-5JX5-46HF RCE in TranformGraph().to_dot_graph function
Summary RCE due to improper input validation in TranformGraph.todotgraph function Details Due to improper input validation a malicious user can provide a command or a script file as a value to savelayout argument, which will be placed as the first value in a list of arguments passed to...
DEBIAN-CVE-2023-41334
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a...
UBUNTU-CVE-2023-41334
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a...
CVE-2023-41334
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a...
CVE-2023-41334 astropy vulnerable to RCE in TranformGraph().to_dot_graph function
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.todotgraph function. A malicious user can provide a...
PT-2024-12939
Name of the Vulnerable Software and Affected Versions Astropy version 5.3.2 Description The issue is related to remote code execution due to improper input validation in the TranformGraph.to dot graph function. A malicious user can provide a command or a script file as a value to the savelayout...