Exploit for Deserialization of Untrusted Data in Huggingface Transformers

CVE-2024-11392 Hugging Face Transformers MobileViTV2 Des...

ROS-2-2216

2.2216 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

PyYAML: incomplete fix for CVE-2020-1747

A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw...

ROS-2-2225

2.2225 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-2241

2.2241 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

ROS-2-2208

2.2208 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...

OESA-2021-1257 PyYAML security update

YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML...

PyYAML: command execution through python/object/apply constructor in FullLoader

A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. ...

PyYAML: arbitrary command execution through python/object/new when FullLoader is used

A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. ...

The vulnerability of the full_load method and the FullLoader loader from the PyYAML library allows a attacker to execute arbitrary code.

The vulnerability of the fullload method and the FullLoader loader from the PyYAML library exists due to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

PT-2021-3478

Name of the Vulnerable Software and Affected Versions PyYAML versions prior to 5.4 Description A flaw in the PyYAML library allows for arbitrary code execution when processing untrusted YAML files through the full load method or with the FullLoader loader. This issue enables an attacker to execut...

ALPINE-CVE-2020-1747

A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be...

PyYAML Input Validation Error Vulnerability

PyYAML is a Python based YAML parser and generator . There is an input validation error vulnerability in PyYAML, when the user loads a yaml file that the program does not trust through the fullload method or Fullloader method, it is easy to cause arbitrary code execution vulnerability, which can ...