1 results (0.010 seconds)
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1
CVE-2017-2810
https://notcve.org/view.php?id=CVE-2017-2810
An exploitable vulnerability exists in the Databook loading functionality of Tablib 0.11.4. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker can insert python into loaded yaml to trigger this vulnerability. Una vulnerabilidad explotable en la funcionalidad Databook loading de Tablib versión 0.11.4. Un Databook cargado yaml puede ejecutar comandos python arbitrarios resultando en la ejecución de comandos. • http://www.securityfocus.com/bid/99076 https://security.gentoo.org/glsa/201811-18 https://talosintelligence.com/vulnerability_reports/TALOS-2017-0307 •