Gentoo Linux Security Advisory 200911-4 – An untrusted search path vulnerability in the dstat might result in the execution of arbitrary code. Robert Buchholz of the Gentoo Security Team reported that dstat includes the current working directory and subdirectories in the Python module search path (sys.path) before calling import. Versions less than 0.6.9-r1 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/82901/glsa-200911-04.txt
Source: https://packetstormsecurity.com/files/82901/Gentoo-Linux-Security-Advisory-200911-4.html