AVG-843 log
Package | python-yaml |
Status | Fixed |
Severity | High |
Type | arbitrary code execution |
Affected | 3.13-2 |
Fixed | 5.1-1 |
Current |
6.0.2-2 [extra-testing] 6.0.2-1 [extra] |
Ticket | FS#61311 |
Created | Tue Jan 8 19:03:24 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-18342 | High | Yes | Arbitrary code execution | In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used. |