Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-h95x-26f3-88hr: js2py allows remote code execution

An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.

ghsa
#js#git#rce

js2py allows remote code execution

High severity GitHub Reviewed Published Jun 20, 2024 to the GitHub Advisory Database • Updated Jun 20, 2024

ghsa: Latest News

GHSA-6jrf-rcjf-245r: changedetection.io path traversal using file URI scheme without supplying hostname