Copier `_external_data` allows path traversal and absolute-path local file read without unsafe mode
Summary Copier's `_external_data` feature allows a template to load YAML files using template-controlled paths. The documentation describes these values as relative paths from the subproject destination, so relative paths themselves appear to be part of the intended feature model. However, the curren...
PT-2026-29671
Name of the Vulnerable Software and Affected Versions Copier versions prior to 9.14.1 Description The external data feature in Copier allows templates to load YAML files using paths controlled by the template. This can allow a malicious template to read YAML-parseable local files accessible to th...
Exploit for CVE-2026-24009
docling-core-CVE-2026-24009 T...
CVE-2025-62348
Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process...
CVE-2025-11157
A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at feast/sdk/python/feast/infra/computeengines/kubernetes/main.py. The vulnerability arises from the use of yaml.load..., Loader=yaml.Loader to...
Flask 3.0.0 Command Injection
Flask 3.0.0 proof of concept exploit that demonstrates multiple command injection vulnerabilities. | Title : Flask 3.0.0 Command Injection | | Author :...
EUVD-2018-4993
Malware in sbrugna...
EUVD-2021-0247
Malware in sbrugna...
EUVD-2017-0001
Malware in sbrugna...
EUVD-2017-0082
Malware in sbrugna...
EUVD-2022-0167
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-10289
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which happens whenever an acti...
CVE-2024-23730
The OpenAPI and ChatGPT plugin loaders in LlamaHub aka llama-hub before 0.0.67 allow attackers to execute arbitrary code because safe_load is not used for YAML...
SUSE CVE-2021-25738
Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution...
Cobbler vulnerable to code injection via unsafe YAML loading
The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet...
GHSA-HPJ3-5P46-G87W Cobbler vulnerable to code injection via unsafe YAML loading
The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet...
Code injection via unsafe YAML loading
Impact Sockeye uses YAML to store model and data configurations on disk. Versions below 2.3.24 use unsafe YAML loading, which can be made to execute arbitrary code embedded in config files. An attacker can add malicious code to the config file of a trained model and attempt to convince users to...
CVE-2021-43811 Code injection via unsafe YAML loading
Sockeye is an open-source sequence-to-sequence framework for Neural Machine Translation built on PyTorch. Sockeye uses YAML to store model and data configurations on disk. Versions below 2.3.24 use unsafe YAML loading, which can be made to execute arbitrary code embedded in config files. An...
PT-2021-16765 · Unknown · Kubernetes Java Client Libraries
Name of the Vulnerable Software and Affected Versions: Kubernetes Java Client library affected versions not specified Description: Loading specially-crafted yaml with the Kubernetes Java Client library can lead to code execution. Recommendations: At the moment, there is no information about a new...
PYSEC-2021-429
SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator. We recommend upgrading SLO Generator past https://github.com/google/slo-generator/pull/173...