| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Arbitrary code execution |
|
| Description |
| + |
This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code execution. |
|
| References |
| + |
https://snyk.io/vuln/SNYK-PYTHON-PWNTOOLS-1047345 |
| + |
https://github.com/Gallopsled/pwntools/issues/1427 |
| + |
https://github.com/Gallopsled/pwntools/pull/1732 |
| + |
https://github.com/Gallopsled/pwntools/commit/138188eb1c027a2d0ffa4151511c407d3a001660 |
|
| Notes |
|