Lucene search
K

78 matches found

Snyk
Snyk
added 2026/01/22 6:2 p.m.5 views

Deserialization of Untrusted Data

Overview docling-core is an A python library to define and validate data types in Docling. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the loadfromyaml function. An attacker can execute arbitrary code by providing malicious YAML input to the...

10CVSS6.2AI score0.05984EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : python38:3.8 (AXSA:2021-2388:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2388:01 advisory. PyYAML: incomplete fix for CVE-2020-1747 CVE-2020-14343 Modularity name: python38 Stream name: 3.8 Tenable has extracted the preceding description block...

10CVSS8.2AI score0.05984EPSS
Exploits1References2
Virtuozzo
Virtuozzo
added 2025/09/25 12:0 a.m.45 views

[Important] [Security] Vulnerability Fixes in urllib3, PyYAML, and Pillow (CVE-2018-20060, CVE-2020-1747, CVE-2020-14343, CVE-2023-50447, and CVE-2023-44271) for VzLinux 7.9

This update fixes the vulnerabilities in urllib3, PyYAML, and Pillow, which are registered as CVE-2018-20060, CVE-2020-1747, CVE-2020-14343, CVE-2023-50447, and CVE-2023-44271...

10CVSS8.1AI score0.05984EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 3: PyYAML (TSSA-2022:0177)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0177 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

10CVSS8.4AI score0.05984EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0269: PyYAML (ALINUX3-SA-2024:0269)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0269 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2017-18342: In PyYAML before 5.1, the...

10CVSS8.3AI score0.06031EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0262: python38:3.8 and python38-devel:3.8 (ALINUX3-SA-2024:0262)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0262 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-18874: psutil aka python-psutil...

10CVSS8.9AI score0.35963EPSS
Exploits8References16
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/26 8:0 p.m.24 views

Security Bulletin: Vulnerability in PyYAML affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2020-14343]

Summary The PyYAML package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2020-14343. Vulnerability Details CVEID:CVE-2020-14343 DESCRIPTION: YAML PyYAML could allow a remote attacker to execute arbitrary code on the system,...

10CVSS7.5AI score0.05984EPSS
Exploits0Affected Software1
Redos
Redos
added 2024/03/13 12:0 a.m.8 views

ROS-2-1519

2.1519 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

10CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.30 views

ROS-2-860

2.860 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.16 views

ROS-2-1503

2.1503 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

10CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.14 views

ROS-2-1353

2.1353 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS7.9AI score0.05984EPSS
Exploits0
Redos
Redos
added 2024/03/13 12:0 a.m.23 views

ROS-2-482

2.482 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.7AI score0.05984EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/11 12:51 p.m.25 views

Security Bulletin: Vulnerability in PyYAML affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2020-14343]

Summary The PyYAML package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEsCVE-2020-14343. Vulnerability Details CVEID:CVE-2020-14343 DESCRIPTION: YAML PyYAML could allow a remote attacker to execute arbitrary code on the system,...

10CVSS7.8AI score0.05984EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/02/26 12:0 a.m.44 views

GLSA-202402-33 : PyYAML: Arbitrary Code Execution

The remote host is affected by the vulnerability described in GLSA-202402-33 PyYAML: Arbitrary Code Execution - A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the...

10CVSS8.4AI score0.05984EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/13 12:0 a.m.33 views

CBL Mariner 2.0 Security Update: PyYAML (CVE-2020-14343)

The version of PyYAML installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-14343 advisory. - A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to...

10CVSS8.4AI score0.05984EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2023/11/10 5:45 p.m.14 views

CVE-2020-14343 affecting package PyYAML for versions less than 5.4.1-1

CVE-2020-14343 affecting package PyYAML for versions less than 5.4.1-1. An upgraded version of the package is available that resolves this issue...

10CVSS7.3AI score0.05984EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.25 views

ROS-2-1482

2.1482 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS8.1AI score0.05984EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.18 views

ROS-2-932

2.932 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS7.8AI score0.05984EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.10 views

ROS-2-1361

2.1361 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

9.8CVSS9.8AI score0.05984EPSS
Exploits0
Redos
Redos
added 2023/07/06 12:0 a.m.39 views

ROS-2-509

2.509 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability coul...

9.8CVSS8.1AI score0.05984EPSS
Exploits0
Rows per page
Query Builder