PT-2023-18804 · Bottle · Bottle

Stonemoe

Publicado

2023-05-26

Atualizado

2025-01-15

CVE-2023-22970

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Bottles versions prior to 51.0

Description The issue is related to the mishandling of YAML load, which can be exploited for remote code execution via a crafted file.

Recommendations For versions prior to 51.0, update to version 51.0 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2023-22970

Bottle