Debian python-rdflib-tools 代码注入漏洞 CVE-2019-7653 CNNVD-201902-187

7.5 AV AC AU C I A
发布: 2019-02-09
修订: 2020-09-25

Debian python-rdflib-tools是一款用于处理RDF(资源描述框架)的Python库。 Debian python-rdflib-tools 4.2.2-1版本(用于RDFLib 4.2.2版本)中存在 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because \"python -m\" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directory.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息