Homepage

django_make_app@0.1.1 vulnerabilities

Define models and fields using YAML and generate app for Django with views, forms, templates etc.

  • latest version

    0.1.3

  • first published

    8 years ago

  • latest version published

    7 years ago

  • licenses detected

  • View django_make_app package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the django_make_app package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Arbitrary Code Execution

    django_make_app is define models and fields using YAML and generate app for Django with views, forms, templates etc.

    Affected versions of the package are vulnerable to Arbitrary Code Execution. An exploitable vulnerability exists in the YAML parsing functionality in the read_yaml_file method in io_utils.py in django_make_app 0.1.3. A YAML parser can execute arbitrary Python commands resulting in command execution. An attacker can insert Python into loaded YAML to trigger this vulnerability.

    How to fix Arbitrary Code Execution?

    There is no fix version for django_make_app.

    [0,)
    Go back to all versions of this package