An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collect_yaml method in config_obj.py. It can execute arbitrary Python commands, resulting in command execution.Referenceshttps://github.com/pytroll/donfig/issues/5https://github.com/pytroll/donfig/commits/master
