GHSA-74xw-82v7-hmrm

Suggest an improvement
Source
https://github.com/advisories/GHSA-74xw-82v7-hmrm
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/04/GHSA-74xw-82v7-hmrm/GHSA-74xw-82v7-hmrm.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-74xw-82v7-hmrm
Aliases
Published
2019-04-23T16:04:36Z
Modified
2024-02-16T08:14:52.227482Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Improper Input Validation in python-dbusmock
Details

python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawnservertemplate() method could be tricked into executing malicious code if an attacker supplies a .pyc file.

References

Affected packages

PyPI / python-dbusmock

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.15.1

Affected versions

0.*

0.0.2
0.0.3
0.1
0.1.1
0.1.2
0.1.3
0.2.0
0.2.1
0.2.2
0.3
0.3.1
0.4.0
0.5
0.6
0.6.1
0.6.2
0.6.3
0.7
0.7.1
0.7.2
0.8
0.8.1
0.9
0.9.1
0.9.2
0.10
0.10.1
0.10.2
0.10.3
0.11
0.11.1
0.11.2
0.11.3
0.11.4
0.12
0.13
0.14
0.15