Arbitrary Code Execution Vulnerability in Sqla_yaml_fixtures 0.9.1

Arbitrary Code Execution Vulnerability in Sqla_yaml_fixtures 0.9.1

CVE-2019-3575 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load.

Learn more about our User Device Pen Test.