CVE-2015-1326: Improper Input Validation
(updated )
Loading a template from a world-writable directory like /tmp through AddTemplate()
D-Bus
method call or DBusTestCase.spawn_server_template()
method could lead to executing malicious code with the user’s privileges if an attacker supplies a crafted .pyc
file.
References
Detect and mitigate CVE-2015-1326 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →