CVE-2018-14400 in pycparserالمعلومات

الملخص

بحسب MITRE

In pycparser, a pickle.load call (within the read_pickle function of the LRTable class in yacc.py) on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

حجز

18/07/2018

إفشاء

28/08/2018

الاعتدال

تمت الموافقة

إدخال

VDB-123329

EPSS

0.00000

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you know our Splunk app?

Download it now for free!