Pybitmessage
Monthly
PyBitmessage through 0.6.3.2 allows attackers to write screen captures to Potentially Unwanted Directories via a crafted apinotifypath value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.
Bitmessage PyBitmessage version v0.6.2 (and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0) contains a Eval injection vulnerability in main program, file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.
PyBitmessage through 0.6.3.2 allows attackers to write screen captures to Potentially Unwanted Directories via a crafted apinotifypath value. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.
Bitmessage PyBitmessage version v0.6.2 (and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0) contains a Eval injection vulnerability in main program, file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.