MLAlchemy Command Execution Vulnerability
MLAlchemy is a Python based open source utility library that converts YAML/JSON to SQLAlchemy SELECT queries. A security vulnerability exists in the YAML parsing functionality of the parseyamlquery method of the arser.py file in versions of MLAlchemy prior to 0.2.2. An attacker can exploit this...