Vulnerabilities > CVE-2017-16764 - Unspecified vulnerability in Django Make APP Project Django Make APP 0.1.3

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
django-make-app-project
critical
NVD
Published: 2017-11-10
Updated: 2024-11-21

Summary

An exploitable vulnerability exists in the YAML parsing functionality in the read_yaml_file method in io_utils.py in django_make_app 0.1.3. A YAML parser can execute arbitrary Python commands resulting in command execution. An attacker can insert Python into loaded YAML to trigger this vulnerability.

Vulnerable Configurations

Part Description Count
Application
Django_Make_App_Project
1

References