Enviar #593612: PySpur-Dev pyspur <=v0.1.18 Remote Code Executeinformación

Título	PySpur-Dev pyspur <=v0.1.18 Remote Code Execute
Descripción	The implementation of certain node classes in the workflow of pyspur does not securely use Jinja2 Template object, resulting in arbitrary code execution.
Fuente	⚠️ https://github.com/PySpur-Dev/pyspur/issues/289
Usuario	Anonymous User
Sumisión	2025-06-10 03:54 (hace 10 meses)
Moderación	2025-06-23 14:26 (13 days later)
Estado	Aceptado
Entrada de VulDB	313638 [PySpur-Dev pyspur hasta 0.1.18 Jinja2 Template single_llm_call.py SingleLLMCallNode user_message escalada de privilegios]
Puntos	15

Do you want to use VulDB in your project?

Use the official API to access entries easily!