pytroll/donfig

Releases13

Frequency5 months 2 weeks

Last Release about 2 years ago

Stars40

Python library for configuring a package including defaults, env variable loading, and yaml loading.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-7537 ↗	Mar 21, 2019Thursday, 21 March 2019, 20:29	—	7.5 HIGH
An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collect_yaml method in config_obj.py. It can execute arbitrary Python commands, resulting in command execution.