CVE-2023-41334 | Astropy 5.3.2 TranformGraph.to_dot_graph savelayout command injection

Inserito da Angelo Barbosa | Mar 18, 2024 | CVE

A vulnerability was found in Astropy 5.3.2. It has been declared as critical. This vulnerability affects the function TranformGraph.to_dot_graph. The manipulation of the argument savelayout leads to command injection.

This vulnerability was named CVE-2023-41334. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-41334 | Astropy 5.3.2 TranformGraph.to_dot_graph savelayout command injection

Post correlati

CVE-2023-51804 | rymcu forest 0.02 HTTP Body URL com.rymcu.forest.web.api.common.UploadController information disclosure (Issue 149)

CVE-2024-35222 | Tauri prior 1.6.7/2.0.0-beta.19 dangerousRemoteDomainIpcAccess access control

CVE-2024-33648 | wzy Media Recencio Book Reviews Plugin up to 1.66.0 on WordPress cross site scripting

CVE-2024-33612 | F5 BIG-IP Next Central Manager up to 20.1.0 certificate validation (K000139012)