PYSEC-2021-65

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/gramaddict/PYSEC-2021-65.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2021-65

Aliases

CVE-2020-36245
GHSA-q5h6-49gg-2wfg

Published

2021-02-17T22:15:00Z

Modified

2024-04-22T22:27:03.487337Z

Summary

[none]

Details

GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi-Fi network.

References

https://github.com/GramAddict/bot/issues/134

Affected packages

PyPI / gramaddict

Package

Name: gramaddict; View open source insights on deps.dev
Purl: pkg:pypi/gramaddict

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.4

Affected versions

1.*

1.2.0b1

1.2.0b2

1.2.0b3

1.2.0

1.2.1

1.2.2

1.2.3