Skip to content

Gerapy < 0.9.9 An authenticated user can execute arbitrary command

High
Germey published GHSA-756h-r2c9-qp5j Dec 26, 2021

Package

pip gerapy (pip)

Affected versions

<0.9.9

Patched versions

0.9.9

Description

Impact

An authenticated user can execute arbitrary command, see more in #211.

Patches

Fixed in 0.9.9

Severity

High

CVE ID

No known CVE

Weaknesses

No CWEs