
7 matches found

EUVD
added 2025/10/07 12:30 a.m. · 7 views

EUVD-2020-2744

Malware in sbrugna...

CVSS 8.8 · AI score 7.8 · EPSS 0.0195
Exploits 0 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 7 views

EUVD-2023-27070

Malicious code in bioql PyPI...

CVSS 7.8 · AI score 7.4 · EPSS 0.0047
Exploits 0 · References 5

Snyk
added 2025/07/31 2:2 p.m. · 5 views

Deserialization of Untrusted Data

Overview: ms-swift is a Swift: Scalable lightWeight Infrastructure for Fine-Tuning. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the yaml.load function in tests/run.py when handling user-supplied YAML configuration files. An attacker can execute arbitrar...

CVSS 9.8 · AI score 7.8 · EPSS 0.02494
Exploits 1 · References 2

BDU FSTEC
added 2023/11/11 12:0 a.m. · 5 views

The vulnerability of the yaml.load() component in the YAML parsing library for Python, PyYAML, allows an attacker to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the yaml.load component in the YAML parsing library for Python, PyYAML, is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

CVSS 10 · AI score 7 · EPSS 0.06031
Exploits 1 · References 12 · Affected Software 3

BDU FSTEC
added 2023/03/27 12:0 a.m. · 5 views

The vulnerability of the YAML.load() function in the YAML syntax analyzer library for the Foreman server management, configuration, and monitoring application, as well as for the Red Hat Satellite system management tool, allows a malicious actor to execute arbitrary code.

The vulnerability of the YAML.load function in the YAML syntax analyzer library for the Foreman server management, configuration, and monitoring application, as well as for the Red Hat Satellite system management tool, is related to improper code generation. Exploiting this vulnerability allows a...

CVSS 8 · AI score 8.1 · EPSS 0.00961
Exploits 0 · References 5 · Affected Software 1

PyPA
added 2021/03/10 10:15 p.m. · 5 views

PYSEC-2021-60

Tenable for Jira Cloud is an open source project designed to pull Tenable.io vulnerability data, then generate Jira Tasks and sub-tasks based on the vulnerabilities' current state. It is published on PyPI as "tenable-jira-cloud". In tenable-jira-cloud before version 1.1.21, it is possible to run...

CVSS 8.6 · AI score 7.2 · EPSS 0.00452
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2019/07/11 12:0 a.m. · 4 views

PT-2019-11591 · Red Hat · Osbs-Client

Name of the Vulnerable Software and Affected Versions: osbs-client versions 0.46 through 0.56.0. Description: A flaw was found in the yaml.load function, allowing insecure use that enables loading of suspicious objects for code execution via parsing of malicious YAML files. Recommendations: For...

CVSS 7.2 · AI score 7.2 · EPSS 0.01886
Exploits 0 · References 5