{"id":"PYSEC-2019-153","details":"modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.","aliases":["CVE-2017-1002157","GHSA-jhjh-ghwx-6h7r"],"modified":"2023-11-08T03:58:48.372528Z","published":"2019-01-10T21:29:00Z","references":[{"type":"WEB","url":"https://pagure.io/modulemd/issue/55"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-jhjh-ghwx-6h7r"}],"affected":[{"package":{"name":"modulemd","ecosystem":"PyPI","purl":"pkg:pypi/modulemd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.2"}]}],"versions":["0.1","1.0.0","1.0.1","1.0.2","1.1.0","1.2.0","1.3.0","1.3.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/modulemd/PYSEC-2019-153.yaml"}}],"schema_version":"1.7.3"}