VYPR

PyPI package

django_make_app

pkg:pypi/django_make_app

Vulnerabilities (1)

  • CVE-2017-16764CriNov 10, 2017
    affected <= 0.1.3

    An exploitable vulnerability exists in the YAML parsing functionality in the read_yaml_file method in io_utils.py in django_make_app 0.1.3. A YAML parser can execute arbitrary Python commands resulting in command execution. An attacker can insert Python into loaded YAML to trigge