Arbitrary OS command execution via untrusted Bikeshed Inline Tag Command metadata (pre-3.0.0)
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source file containing Inline Tag Command metadata is processed. When an arbitrary OS command is executed, the command output would be included in the HTML output.
Vulnerability in qlib's workflow: Unsafe YAML load
This affects all versions of the package qlib. The workflow function in the CLI part of qlib used an unsafe YAML load function.
Unsanitized input in Gerapy package (0 to 0.9.3) via Popen in project_configure endpoint
This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn't being sanitized.
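The entry above describes the classic shape of an OS command injection: request-controlled text reaches Popen. The following is an added example, not Gerapy's code; the tool name `configure-tool`, its `--project` flag and the allowlist pattern are placeholders. It contrasts the string-building pattern a shell would parse with an argv list delivered to the child verbatim, and puts an allowlist check in front of both.

```python
"""Passing untrusted input to a subprocess without a shell in the path.
Added example, not Gerapy's code. The tool and its flag are placeholders."""
import re
import subprocess
import sys

# Allowlist for a project name: defence in depth even when no shell is involved.
PROJECT_NAME_RE = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}")


def validate_project_name(name: str) -> str:
    """Reject anything outside the allowlist before it reaches any command."""
    if not PROJECT_NAME_RE.fullmatch(name):
        raise ValueError(f"invalid project name: {name!r}")
    return name


def build_shell_string(name: str) -> str:
    """Vulnerable pattern, shown for comparison and never executed here: the
    value is spliced into a command string that a shell would parse, so shell
    metacharacters inside `name` change the structure of the command."""
    return "configure-tool --project " + name


def build_argv(name: str) -> list:
    """Hardened pattern: one argv element per argument. With shell=False the
    value is handed to the child as a single argument, metacharacters and all."""
    return ["configure-tool", "--project", name]


def run_argv_demo(name: str) -> str:
    """Run a stand-in for the tool (the interpreter printing its argv[1]) from
    an argv list without a shell and return what the child actually received."""
    proc = subprocess.run(
        [sys.executable, "-c", "import sys; print(sys.argv[1])", name],
        capture_output=True, text=True, check=True,
    )
    return proc.stdout.rstrip("\n")


def configure_project(name: str) -> list:
    """Endpoint-side handling: validate first, then build an argv list."""
    return build_argv(validate_project_name(name))


if __name__ == "__main__":
    hostile = "demo; echo injected"   # constructed sample input
    print(build_shell_string(hostile))  # a shell would see two commands here
    print(run_argv_demo(hostile))       # the child sees one argument
    try:
        configure_project(hostile)
    except ValueError as exc:
        print("rejected:", exc)
```

The argv list removes the shell from the call path, which is the structural fix; the allowlist is there so that a value like `demo; echo injected` is rejected at the endpoint even if some later caller does pass it to a shell.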
Digi ConnectPort X2e < 3.2.30.6 symlink privilege escalation via /etc/init.d/S50dropbear.sh and /WEB/python/.ssh
Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.
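The weakness described above is a privileged chown applied to a path that a lower-privileged user can replace with a symlink. The following is an added example, not Digi's code; it assumes a POSIX system with `O_NOFOLLOW` (Linux or BSD-like) and builds its paths in a temporary directory. It opens the path with `O_NOFOLLOW` and applies `fchown` to the descriptor, so the symlink check and the ownership change act on the same object rather than leaving a check-then-act window.

```python
"""Changing ownership of a path without following symlinks.
Added example, not Digi's code; assumes a POSIX system with O_NOFOLLOW."""
import os
import stat
import tempfile


def chown_nofollow(path: str, uid: int, gid: int) -> None:
    """Change ownership of `path` only if it is a regular file or directory
    reached without traversing a symlink at the final component. Opening with
    O_NOFOLLOW and using fchown on the descriptor means the object checked is
    the object changed, unlike an lstat() check followed by a chown() by name."""
    flags = os.O_RDONLY | os.O_NOFOLLOW | getattr(os, "O_CLOEXEC", 0)
    try:
        fd = os.open(path, flags)
    except OSError as exc:
        # Linux reports ELOOP when O_NOFOLLOW meets a symlink.
        raise PermissionError(f"refusing to chown symlink or unopenable path: {path}") from exc
    try:
        st = os.fstat(fd)
        if not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
            raise PermissionError(f"not a regular file or directory: {path}")
        os.fchown(fd, uid, gid)
    finally:
        os.close(fd)


def demo() -> dict:
    """Create a directory and a symlink pointing at it, then show that the
    directory is accepted and the symlink is refused. Ownership is set to the
    caller's own uid/gid, which is always permitted, so this runs unprivileged."""
    uid, gid = os.getuid(), os.getgid()
    results = {}
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "dot_ssh")          # constructed stand-in directory
        os.mkdir(target)
        link = os.path.join(d, "link_to_dot_ssh")    # what an attacker-controlled path might be
        os.symlink(target, link)
        chown_nofollow(target, uid, gid)
        results["directory"] = "ok"
        try:
            chown_nofollow(link, uid, gid)
            results["symlink"] = "ok"
        except PermissionError:
            results["symlink"] = "refused"
    return results


if __name__ == "__main__":
    print(demo())
```

A privileged init script that must fix ownership under a user-writable tree should also reject paths whose parent directories are writable by that user, since `O_NOFOLLOW` only covers the final component; the descriptor-based approach above is the building block, not the whole policy.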
Remote code execution in Zope via AccessControl v4 and v5
The module `AccessControl` defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of `Script (Python)` objects. The policies defined in `AccessControl` severely restrict access to Python modules and only exempt a few that are deemed safe, such as Python's `string` module. However, full access to the `string` module also allows access to the class `Formatter`, which can be overridden and extended within `Script (Python)` in a way that provides access to other unsafe Python libraries. Those unsafe Python libraries can be used for remote code execution. By default, you need to have the admin-level Zope "Manager" role to add or edit `Script (Python)` objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web - which would be a very unusual configuration to begin with - are at risk. The problem has been fixed in AccessControl 4.3 and 5.2. Only AccessControl versions 4 and 5 are vulnerable, and only on Python 3, not Python 2.7. As a workaround, a site administrator can restrict adding/editing `Script (Python)` objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope.
EA Karotz Smart Rabbit 12.07.19.00 Python module hijacking
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking.
Python-requests-Kerberos through 0.5 lacks mutual authentication support
python-requests-Kerberos through 0.5 does not handle mutual authentication.
Python Twisted 14.0 HTTP client ignores trustRoot, causing a security vulnerability
Python Twisted 14.0 trustRoot is not respected in the HTTP client.
Untrusted search path in Csound 5.08.2 allows local users to execute arbitrary code via a malicious Python file in the current directory
Untrusted search path vulnerability in the (1) "VST plugin with Python scripting" and (2) "VST plugin for writing score generators in Python" in Csound 5.08.2, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Firefox < 72 on Windows allows Python files served as text/plain to be executed instead of opened (security vulnerability)
When Python was installed on Windows, a Python file being served with the MIME type text/plain could be executed by Python instead of being opened as a text file when the Open option was selected upon download. *Note: this issue only occurs on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 72.
Introducing the "VAITP dataset": a specialized repository of Python vulnerabilities and patches, meticulously compiled for the use of the security research community. As Python's prominence grows, understanding and addressing potential security vulnerabilities become crucial. Crafted by and for the cybersecurity community, this dataset offers a valuable resource for researchers, analysts, and developers to analyze and mitigate the security risks associated with Python. Through the comprehensive exploration of vulnerabilities and corresponding patches, the VAITP dataset fosters a safer and more resilient Python ecosystem, encouraging collaborative advancements in programming security.
The supreme art of war is to subdue the enemy without fighting.
Sun Tzu – “The Art of War”
:: Shaping the future through research and ingenuity ::
