CVE-2017-16615
MLAlchemy contains a YAML parsing vulnerability in parse_yaml_query() (parser.py) affecting versions before 0.2.2. The YAML loader uses load instead of safe_load, allowing an attacker to inject Python into loaded YAML and trigger arbitrary code execution. This leads to potential command execution...