Code injection in Danijar Definitions
Critical severity
GitHub Reviewed
Published
Dec 26, 2018
to the GitHub Advisory Database
•
Updated Sep 5, 2023
Description
Published to the GitHub Advisory Database
Dec 26, 2018
Reviewed
Jun 16, 2020
Last updated
Sep 5, 2023
There is a vulnerability in
load()
method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution.References