漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Possible to hijack modules in current working directory
Vulnerability Description
pymanager included the current working directory in sys.path meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command (e.g., pip, pytest) from an attacker-controlled directory, a malicious module in that directory can be imported and executed instead of the intended package.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Python Install Manager 安全漏洞
Vulnerability Description
Python Install Manager是Python开源的一个Python安装管理工具。 Python Install Manager存在安全漏洞,该漏洞源于将当前工作目录包含在sys.path中,可能导致从攻击者控制的目录导入并执行恶意模块。
CVSS Information
N/A
Vulnerability Type
N/A