Lucene search
RedhatCVELIST:CVE-2016-4972HistorySep 26, 2016 - 4:00 p.m.
CVE-2016-4972
2016-09-2616:00:00
redhat
www.cve.org
OpenStack Murano before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), Murano-dashboard before 1.0.3 (liberty) and 2.x before 2.0.1 (mitaka), and python-muranoclient before 0.7.3 (liberty) and 0.8.x before 0.8.5 (mitaka) improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files, which allows remote attackers to create arbitrary Python objects and execute arbitrary code via crafted extended YAML tags in UI definitions in packages.
Related
prion
prion
Code injection
2016-09-26 16:59:00
cve
cve
CVE-2016-4972
2016-09-26 16:59:01
redhatcve
redhatcve
CVE-2016-4972
2016-06-23 23:48:25
ubuntucve
ubuntucve
CVE-2016-4972
2016-09-26 00:00:00
osv
osv
OpenStack Murano Code Execution
2022-05-17 03:48:22
PYSEC-2016-22
2016-09-26 16:59:00
nvd
nvd
CVE-2016-4972
2016-09-26 16:59:01
github
github
OpenStack Murano Code Execution
2022-05-17 03:48:22
debiancve
debiancve
CVE-2016-4972
2016-09-26 16:59:01