AVG-843 log
| Package | python-yaml |
| Status | Fixed |
| Severity | High |
| Type | arbitrary code execution |
| Affected | 3.13-2 |
| Fixed | 5.1-1 |
| Current |
6.0.1-3 [extra-testing] 6.0.1-2 [extra] |
| Ticket | FS#61311 |
| Created | Tue Jan 8 19:03:24 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-18342 | High | Yes | Arbitrary code execution | In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used. |