0.043 Low
EPSS
Percentile
92.4%
jw_util is vulnerable to arbitrary command injection. The vulnerability exists as it uses the insecure function yaml.load without any validation in FromString and FromStream.
yaml.load
FromString
FromStream
joel-malwarebenchmark.github.io
joel-malwarebenchmark.github.io/blog/2020/04/27/cve-2020-13388-jw-util-vulnerability/
security.netapp.com/advisory/ntap-20200528-0002/