VYPR

Pybitmessage

by Bitmessage

Source repositories

CVEs (2)

  • CVE-2021-26917MedFeb 8, 2021
    risk 0.36cvss 5.5epss 0.01

    PyBitmessage through 0.6.3.2 allows attackers to write screen captures to Potentially Unwanted Directories via a crafted apinotifypath value. NOTE: the discoverer states "security mitigation may not be necessary as there is no evidence yet that these screen intercepts are…

  • CVE-2018-1000070HigMar 13, 2018
    risk 0.00cvss 8.8epss 0.02

    Bitmessage PyBitmessage version v0.6.2 (and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0) contains a Eval injection vulnerability in main program, file src/messagetypes/__init__.py function constructObject that can result in Code Execution. This attack…