CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

Gentoo Linux•added 2024/02/26 12:0 a.m.•51 views

PyYAML: Arbitrary Code Execution

Background PyYAML is a YAML parser and emitter for Python. Description A vulnerability has been discovered in PyYAML. Please review the CVE identifier referenced below for details. Impact A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution whe...

10CVSS8.3AI score0.13704EPSS

Exploits1

Microsoft CVE•added 2023/11/07 8:0 a.m.•5 views

A vulnerability was discovered in the PyYAML library in versions before 5.3.1 where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.

...

10CVSS7.9AI score0.01846EPSS

Exploits1

Tenable Nessus•added 2021/05/12 12:0 a.m.•46 views

Ubuntu 20.04 LTS : PyYAML vulnerability (USN-4940-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4940-1 advisory. It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute...

10CVSS7.9AI score0.13704EPSS

Exploits0References2

Github Security Blog•added 2021/04/20 4:14 p.m.•59 views

Improper Input Validation in PyYAML

A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be...

10CVSS9.7AI score0.01846EPSS

Exploits1References16Affected Software1

OSV•added 2021/04/20 4:14 p.m.•0 views

GHSA-6757-JP84-GXFX Improper Input Validation in PyYAML

9.8CVSS7.5AI score0.01846EPSS

Exploits1References17

OSV•added 2021/02/09 9:15 p.m.•30 views

CVE-2020-14343

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be...

9.8CVSS5AI score

Exploits0References5

OSV•added 2021/02/09 9:15 p.m.•2 views

AZL-31782 CVE-2020-14343 affecting package PyYAML for versions less than 5.4.1-1

9.8CVSS7.7AI score0.13704EPSS

Exploits0References1

NVD•added 2021/02/09 9:15 p.m.•23 views

CVE-2020-14343

10CVSS0.13704EPSS

Exploits0References5

OSV•added 2021/02/09 9:15 p.m.•1 views

ALPINE-CVE-2020-14343

9.8CVSS8.4AI score0.13704EPSS

Exploits0References1

OSV•added 2021/02/09 9:15 p.m.•0 views

UBUNTU-CVE-2020-14343

9.8CVSS7.5AI score0.13704EPSS

Exploits0References4

Prion•added 2021/02/09 9:15 p.m.•24 views

Input validation

10CVSS9.6AI score0.13704EPSS

Exploits1References5Affected Software2

PyPA•added 2021/02/09 9:15 p.m.•4 views

PYSEC-2021-142

10CVSS8.2AI score0.13704EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/02/09 12:0 a.m.•22 views

CVE-2020-14343

10AI score0.13704EPSS

Exploits0References5

AlpineLinux•added 2021/02/09 12:0 a.m.•39 views

CVE-2020-14343

10CVSS8.4AI score0.13704EPSS

Exploits0

Tenable Nessus•added 2021/02/01 12:0 a.m.•45 views

Fedora 32 : PyYAML (2021-eed7193502)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-eed7193502 advisory. - A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it process...

10CVSS8.4AI score0.13704EPSS

Exploits1References3

RedHat Linux•added 2020/11/04 1:25 a.m.•0 views

PyYAML: arbitrary command execution through python/object/new when FullLoader is used

A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. ...

10CVSS7.7AI score0.01846EPSS

Exploits1References4

OpenVAS•added 2020/08/31 12:0 a.m.•23 views

Huawei EulerOS: Security Advisory for PyYAML (EulerOS-SA-2020-1912)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.7AI score0.01846EPSS

Exploits1References2

Positive Technologies•added 2020/05/27 12:0 a.m.•3 views

PT-2021-3478

Name of the Vulnerable Software and Affected Versions PyYAML versions prior to 5.4 Description A flaw in the PyYAML library allows for arbitrary code execution when processing untrusted YAML files through the full load method or with the FullLoader loader. This issue enables an attacker to execut...

10CVSS8.8AI score0.13704EPSS

Exploits2References101

OSV•added 2020/03/24 3:15 p.m.•1 views

ALPINE-CVE-2020-1747

9.8CVSS8.4AI score0.01846EPSS

Exploits1References1

OSV•added 2020/03/24 3:15 p.m.•1 views

DEBIAN-CVE-2020-1747

9.8CVSS8AI score0.01846EPSS

Exploits1References1

Rows per page