VulnerAlert



PYTHON
20-02-2025 19:38

CVE-2025-0868 Vulnerabilidad documentada

9.3 CRITICAL
Tags
#python
#data
#using
#vulnerability
#improper
#arbitrary
#remote
#issue
#execution
#execute
#attack
#unauthorized
#affect
Descripción
A vulnerability, that could result in Remote Code Execution (RCE), has been found DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker send arbitrary Python code be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0.
https://cert.pl/en/posts/2025/02/CVE-2025-0868/
https://cert.pl/posts/2025/02/CVE-2025-0868/
https://github.com/arc53/DocsGPT
Referencia
CVE-2025-0868/
Link externo
Ver detalles

Fuente
https://nvd.nist.gov/vuln/detail/CVE-2025-0868
Resultados similares
Coincidentes en almenos en 50% de los tags
05-06-2025
Linux : SUSE: 2025:01818-1 low: python-cryptography use-after-free issue * bsc#1242631 Cross-Re...
Ver información
05-06-2025
Linux : Slackware 15.0 Python3 Update: Fixing Security Issues and Enhancements New python3 pack...
Ver información
Icons made by Freepik from www.flaticon.com
Este Proyecto fue cofinanciado por el Consejo Nacional de Ciencia y Tecnología (CONACYT) a través del PROINNOVA 2021/2023
Proyecto realizado por