10 matches found
EUVD-2019-11022
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-20478
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, thi...
OPENSUSE-SU-2024:14164-1 python310-ruamel.yaml-0.18.6-1.2 on GA media
These are all security issues fixed in the python310-ruamel.yaml-0.18.6-1.2 package on the GA media of openSUSE Tumbleweed...
CVE-2019-20478
A vulnerability was discovered in the ruamel.yaml library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the load method. Applications that use ruamel.yaml to process untrusted input may be vulnerable to this flaw. An attacker could use this fl...
CVE-2019-20478
In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...
CVE-2019-20478
In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...
Remote code execution
In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...
CVE-2019-20478
CVE-2019-20478 affects ruamel.yaml up to version 0.16.7, where its load method can lead to remote code execution when invoked with untrusted input. The issue arises from using load instead of safer alternatives like safe_load in scenarios where input may be tainted by an attacker. The vulnerabili...
CVE-2019-20478
In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safeload in these use cases...
PT-2020-10463 · Ruamel +2 · Ruamel.Yaml +2
Name of the Vulnerable Software and Affected Versions: ruamel.yaml versions prior to 0.16.8 Description: The issue allows remote code execution when the load method is called with an untrusted argument, affecting developers who do not use safe methods like safe load. Recommendations: For versions...