CRITICAL 9.8

PYSEC-2024-263

상세

Airflow-Diagrams v2.1.0 was discovered to contain an arbitrary file upload vulnerability in the unsafe_load function at cli.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted YML file.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / airflow-diagrams

최초 영향 버전: 0

No fixed version published yet for airflow-diagrams (pip). Pin to a known-safe version or switch to an alternative.

참고

https://github.com/bayuncao/vul-cve-15 [PACKAGE]