CVE-2020-28468

Published January 8th, 2021

View on NVD ↗

CVSS v3

8.1

HIGH

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code execution.

Gallopsled/pwntools

CTF framework and exploit development library

GitHub

13.5K