1 results (0.002 seconds)
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6507 – Deep Lake Kaggle command injection
https://notcve.org/view.php?id=CVE-2024-6507
04 Jul 2024 — Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in the ingest_kaggle() API Inyección de comando al ingerir un conjunto de datos remoto de Kaggle debido a una falta de sanitización de entrada en la API ingest_kaggle() • https://github.com/activeloopai/deeplake/pull/2876 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •