CVE-2017-16616

PyAnyAPI before 0.6.1 has an exploitable YAML parsing flaw in Interfaces.py (YAMLParser) where load is used instead of safe_load, allowing an attacker to execute arbitrary Python commands via YAML content. Multiple connected sources (GHSA, OSV, CNVD, NVD) confirm code execution vulnerability with...