2 matches found
CVE-2011-4104
The fromyaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method...
CVE-2011-4104
CVE-2011-4104 affects Django Tastypie (older than 0.9.10). The vulnerability arises from the from_yaml deserialization in serializers.py, where YAML data is deserialized with yaml.load, allowing remote attackers to execute arbitrary Python code. The connected documents confirm the impact and vect...