5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.017 Low
EPSS
Percentile
87.9%
Updated python-yaml packages fix security vulnerability: Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using python-yaml could cause the application to crash. This issue is similar to CVE-2014-9130, but the assertion was independently implemented in Python-YAML.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | python-yaml | < 3.10-5.1 | python-yaml-3.10-5.1.mga4 |