CVE-2019-3575
Sqla_yaml_fixtures up to version 0.9.1 is vulnerable to code injection: the fixture_text argument passed to sqla_yaml_fixtures.load can execute arbitrary Python code. Root cause is unsafe use of yaml.load. Impact is local code execution with high risk; remediation details are not provided in the ...