jw.util@1.5b0 vulnerabilities

Version handling, YAML configuration, file renaming with various backup strategies

Direct Vulnerabilities

Known vulnerabilities in the jw.util package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • C
Remote Code Execution (RCE)

jw.util is a package for version handling, YAML configuration and file renaming with various backup strategies.

Affected versions of this package are vulnerable to Remote Code Execution (RCE). An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safe_load is not used.
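The difference between a loader that honours python/* tags and safe_load, as an added example that is not code from jw.util or from this advisory. It uses PyYAML directly; the helper names and sample documents are constructed for illustration, and the tagged document names the harmless builtin len.

```python
import yaml  # PyYAML

# Constructed sample inputs. The tagged document names a harmless builtin
# (len) to show that a non-safe loader calls whatever the document names.
PLAIN_CONFIG = "backup:\n  strategy: numbered\n  keep: 3\n"
TAGGED_CONFIG = "keep: !!python/object/apply:builtins.len [[1, 2, 3]]\n"


class UnsafeConfigError(ValueError):
    """Raised when configuration text is not plain YAML data."""


def load_config_unsafe(text):
    """The pattern the advisory describes: a loader that honours python/* tags."""
    loader = getattr(yaml, "UnsafeLoader", yaml.Loader)  # pre-5.1 PyYAML: Loader
    return yaml.load(text, Loader=loader)


def load_config_safe(text):
    """Hardened form (hypothetical helper): plain data types only."""
    try:
        data = yaml.safe_load(text)
    except yaml.YAMLError as exc:
        # safe_load raises ConstructorError on python/* tags, so nothing is called.
        raise UnsafeConfigError(f"rejected configuration: {exc}") from exc
    if not isinstance(data, dict):
        raise UnsafeConfigError("top-level configuration must be a mapping")
    return data


def is_rejected(text):
    """True when the hardened loader refuses the document."""
    try:
        load_config_safe(text)
    except UnsafeConfigError:
        return True
    return False


if __name__ == "__main__":
    print(load_config_safe(PLAIN_CONFIG))
    print(load_config_unsafe(TAGGED_CONFIG))  # the named callable ran during load
    print(is_rejected(TAGGED_CONFIG))
```

The value of keep in the unsafe result is computed by a call made during parsing, which is why configuration text from an untrusted source must only ever reach the safe loader.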

How to fix Remote Code Execution (RCE)?

There is no fixed version for jw.util.

Vulnerable versions: [0,)