PyPi: Dcnnt

CVE-2023-1000

Safety vulnerability ID: 62062

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Apr 27, 2024 Updated at Nov 29, 2024

Scan your Python projects for vulnerabilities →

Advisory

A critical vulnerability has been identified in cyanomiko dcnnt-py affecting the Notification Handler component in the function main of the file dcnnt/plugins/notifications.py. This vulnerability allows for command injection, enabling remote attackers to execute arbitrary commands on the affected system.

Affected package

dcnnt

Latest version: 0.10.0

UI-less tool to connect Android phone with desktop

Affected versions

Fixed versions

Vulnerability changelog

* Fix command injection vulnerability

Resources

https://github.com/advisories/GHSA-8p42-7597-p2f6
https://pypi.org/project/dcnnt
https://data.safetycli.com/changelogs/dcnnt/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1000

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application