VDB
KO
CRITICAL 9.8

PYSEC-2022-43163

Details

WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / reqmon
Introduced in: 1.4.1rc5 Fixed in: 2.0.4
Fix pip install --upgrade 'reqmon>=2.0.4'

References