CVE-2023-41334 | Astropy 5.3.2 TranformGraph.to_dot_graph savelayout command injection

Inserito da Angelo Barbosa | Mar 18, 2024 | CVE

A vulnerability was found in Astropy 5.3.2. It has been declared as critical. This vulnerability affects the function TranformGraph.to_dot_graph. The manipulation of the argument savelayout leads to command injection.

This vulnerability was named CVE-2023-41334. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-41334 | Astropy 5.3.2 TranformGraph.to_dot_graph savelayout command injection

Post correlati

CVE-2024-21727 | digital-peak DP Calendar Component up to 8.14.0 on Joomla cross site scripting

CVE-2024-50343 | Symfony information disclosure

CVE-2024-4737 | Campcodes Legal Case Management System 1.0 /admin/vendor company_name/mobile cross site scripting

CVE-2024-32724 | Woo Product Importer Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy Plugin authorization