{"id":"CVE-2017-1002157","details":"modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.","aliases":["GHSA-jhjh-ghwx-6h7r","PYSEC-2019-153"],"modified":"2026-05-04T08:16:40.143366Z","published":"2019-01-10T21:29:00.267Z","withdrawn":"2026-05-04T08:16:40.143366Z","references":[{"type":"REPORT","url":"https://pagure.io/modulemd/issue/55"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.3.1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1002157.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}