0.004 Low
EPSS
Percentile
72.1%
lookatme is vulnerable to OS command injection. The vulnerability exists through the rendering of untrusted markdown when the built-in terminal and file_loader extensions are automatically loaded.
terminal
file_loader
github.com/d0c-s4vage/lookatme/commit/72fe36b784b234548d49dae60b840c37f0eb8d84
github.com/d0c-s4vage/lookatme/pull/110
github.com/d0c-s4vage/lookatme/releases/tag/v2.3.0
github.com/d0c-s4vage/lookatme/security/advisories/GHSA-c84h-w6cr-5v8q
pypi.org/project/lookatme/#history