AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
github.com/toumorokoshi/transmute-core/pull/58
github.com/toumorokoshi/transmute-core/releases/tag/v1.13.5