CVE-2020-15271

{"id": "CVE-2020-15271", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 2.8}]}, "published": "2020-10-26T18:15:14.480", "references": [{"url": "https://github.com/d0c-s4vage/lookatme/commit/72fe36b784b234548d49dae60b840c37f0eb8d84", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/d0c-s4vage/lookatme/pull/110", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/d0c-s4vage/lookatme/releases/tag/v2.3.0", "tags": ["Release Notes", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/d0c-s4vage/lookatme/security/advisories/GHSA-c84h-w6cr-5v8q", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://pypi.org/project/lookatme/#history", "tags": ["Release Notes", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "In lookatme (python/pypi package) versions prior to 2.3.0, the package automatically loaded the built-in \"terminal\" and \"file_loader\" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. As a workaround, the `lookatme/contrib/terminal.py` and `lookatme/contrib/file_loader.py` files may be manually deleted. Additionally, it is always recommended to be aware of what is being rendered with lookatme."}, {"lang": "es", "value": "En lookatme (paquete python/pypi) versiones anteriores a 2.3.0, el paquete cargaba autom\u00e1ticamente las extensiones integradas \"terminal\" y \"file_loader\". Los usuarios que usan lookatme para renderizar rebajas que no son de confianza pueden ejecutar comandos de shell maliciosos autom\u00e1ticamente en su sistema. Esto es corregido en la versi\u00f3n 2.3.0. Como soluci\u00f3n alternativa, los archivos \"lookatme/contrib/terminal.py\" y \"lookatme/contrib/file_loader.py\" pueden ser eliminados manualmente. Adem\u00e1s, es siempre recomendado estar al tanto de lo que se est\u00e1 renderizando con lookatme"}], "lastModified": "2020-11-13T16:40:26.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lookatme_project:lookatme:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD795181-94C0-4D6E-BD09-B2F5B2D6A584", "versionEndExcluding": "2.3.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}