CVE-2021-36711

Unrestricted Upload of File with Dangerous Type in pypi/OctoBot

Identifiers

GHSA-fr75-x856-q6j8, CVE-2021-36711

Package Slug

pypi/OctoBot

Vulnerability

Unrestricted Upload of File with Dangerous Type

Description

WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.

Affected Versions

All versions before 0.4.4

Solution

Upgrade to version 0.4.4 or above.

Last Modified

2022-07-26

source