9 matches found
EUVD-2022-2430
Malicious code in bioql PyPI...
Deserialization of Untrusted Data in JYaml
JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load function. NOTE: this is a discontinued product...
GHSA-4QHR-Q7WF-94XP Deserialization of Untrusted Data in JYaml
JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load function. NOTE: this is a discontinued product...
Remote Code Execution
JYaml is vulnerable to remote code execution. The library allows unsafe deserialization via the load function, allowing an attacker to execute arbitrary code on the system using a malicious .yml file...
JYaml Code Execution Vulnerability
JYaml is a Java library for using the Yaml file format. A security vulnerability exists in JYaml 1.3 and earlier versions. An attacker can exploit the vulnerability to execute code with the help of a malicious payload...
CVE-2020-8441
JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load function. NOTE: this is a discontinued product...
Deserialization of untrusted data
JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load function. NOTE: this is a discontinued product...
CVE-2020-8441
CVE-2020-8441 is tied to the JYaml library (up to version 1.3). The issue arises from unsafe deserialization in the library’s load() function, allowing remote code execution when presented with a malicious payload. The description explicitly notes this is a discontinued product, and connected rec...
CVE-2020-8441
JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load function. NOTE: this is a discontinued product...