Donfig Command Injection in collect_yaml method
An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collect_yaml method in config_obj.py. It can execute arbitrary Python commands, resulting in command execution.
Advisories for Pypi/Donfig package
2022