CVE-2021-23352

Published: 2021-03-09T19:15Z

Last Modified: 2024-11-21T05:51Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which when the .image(), .svg() or .dot() functions are called, is executed by the childprocess.exec function. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt