Lucene search
Veracode Vulnerability DatabaseVERACODE:22540HistoryFeb 20, 2020 - 8:39 a.m.
Remote Code Execution (RCE)
2020-02-2008:39:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.032 Low
EPSS
Percentile
91.2%
ruamel_yaml is vulnerable to remote code execution (RCE). The attack exists because it accepts the invocation of load method with untrusted argument instead of using safe method such as safe_load, resulting in deserialization of untrusted objects.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ruamel.yaml | le | 0.16.13 |
References
Related
ubuntucve
ubuntucve
CVE-2019-20478
2020-02-19 00:00:00
nvd
nvd
CVE-2019-20478
2020-02-19 04:15:10
prion
prion
Remote code execution
2020-02-19 04:15:00
cve
cve
CVE-2019-20478
2020-02-19 04:15:10
redhatcve
redhatcve
CVE-2019-20478
2020-02-27 19:12:14
cvelist
cvelist
CVE-2019-20478
2020-02-19 03:09:08
debiancve
debiancve
CVE-2019-20478
2020-02-19 04:15:10
