An issue exists in Donfig 0.3.0. There is a vulnerability in the collect_yaml method in config_obj.py. It can execute arbitrary Python commands, resulting in command execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pytroll donfig 0.3.0 |