High severity7.5NVD Advisory· Published Jun 14, 2017· Updated Jun 17, 2026
CVE-2017-2810
CVE-2017-2810
Description
An exploitable vulnerability exists in the Databook loading functionality of Tablib 0.11.4. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker can insert python into loaded yaml to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tablibPyPI | < 0.11.5 | 0.11.5 |
Affected products
6- cpe:2.3:a:python:tablib:0.11.4:*:*:*:*:*:*:*
- ghsa-coords4 versionspkg:pypi/tablibpkg:rpm/suse/python-tablib&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012pkg:rpm/suse/python-tablib&distro=SUSE%20OpenStack%20Cloud%206pkg:rpm/suse/python-tablib&distro=SUSE%20OpenStack%20Cloud%207
< 0.11.5+ 3 more
- (no CPE)range: < 0.11.5
- (no CPE)range: < 0.9.11-3.1
- (no CPE)range: < 0.9.11-3.1
- (no CPE)range: < 0.9.11-3.1
- Range: 0.11.4
Patches
Vulnerability mechanics
References
7- talosintelligence.com/vulnerability_reports/TALOS-2017-0307nvdExploitThird Party AdvisoryVDB EntryWEB
- www.securityfocus.com/bid/99076nvdThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-gcr6-rf47-jrgfghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-2810ghsaADVISORY
- github.com/jazzband/tablib/commit/69abfc3ada5d754cb152119c0b4777043657cb6eghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/tablib/PYSEC-2017-95.yamlghsaWEB
- security.gentoo.org/glsa/201811-18nvdWEB
News mentions
0No linked articles in our index yet.