This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code execution.
{
"source": "CPE_RANGE",
"cpe": "cpe:2.3:a:pwntools_project:pwntools:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "4.3.1"
}
]
}