AVG-843 log

Package python-yaml
Status Fixed
Severity High
Type arbitrary code execution
Affected 3.13-2
Fixed 5.1-1
Current 6.0.2-2 [extra-testing]
6.0.2-1 [extra]
Ticket FS#61311
Created Tue Jan 8 19:03:24 2019
Issue Severity Remote Type Description
CVE-2017-18342 High Yes Arbitrary code execution
In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.