2 matches found
CVE-2018-1000167
OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources"-command is affected by this bug. that can result in Remote...
CVE-2018-1000167
CVE-2018-1000167 affects OISF suricata-update v1.0.0a1, via an insecure deserialization in the YAML loader (yaml.load) used in files such as config.py (lines 136, 142) and sources.py (lines 99, 131). The vulnerability can enable Remote Code Execution (potentially with root privileges if suricata-...