Download
| Alert*
|
oval:org.secpod.oval:def:67127
rdflib: Pure Python package for working with RDF RDFLib could be made to made to execute arbitrary code if it were running in a directory with a specially crafted file. oval:org.secpod.oval:def:2001029 The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directo ... oval:org.secpod.oval:def:705651 rdflib: Pure Python package for working with RDF RDFLib could be made to made to execute arbitrary code if it were running in a directory with a specially crafted file. oval:org.secpod.oval:def:1900018 The Debian python-python-rdflib-tools 4.2.2-1 package for python-rdflib 4.2.2 has CLItools that can load Python modules from the current working directory,allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scr ... |
