Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an unspecified impact via vectors related to "option injection through positional arguments." NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7323.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
python-gnupg 代码注入漏洞
Vulnerability Description
python-gnupg是英国软件开发者Vinay Sajip所研发的一套使用Python API的GNU隐私保护程序。 python-gnupg 0.3.5版本和0.3.6版本中存在安全漏洞,该漏洞源于程序没有阻止位置参数的选项注入。攻击者可利用该漏洞注入任意shell命令。(说明:CVE-2013-7323的补丁没有完全修复该漏洞,在CVE-2014-1929中仍然存在)
CVSS Information
N/A
Vulnerability Type
N/A