An issue was discovered in EdgeGallery/developer before v1.0. There is a “Deserialization of yaml file” vulnerability that can allow attackers to execute system command through uploading the malicious constructed YAML file.
CPE | Name | Operator | Version |
---|---|---|---|
developer-be | eq | 0.9-CodeFreeze | |
developer-be | eq | Release-v0.9-tag |