Vendor
Confire Project
Products
1
CVEs
1
Across products
1
Status
Private
Products
1- Confire1 CVEpypi
Recent CVEs
1| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-16763 | Cri | 0.57 | 9.8 | 0.04 | Nov 10, 2017 | An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "~/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command… |
- risk 0.57cvss 9.8epss 0.04
An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "~/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in command…