AVG-843

Package python-yaml
Status Unknown
Severity High
Type arbitrary code execution
Affected 3.13-2
Fixed Unknown
Current 3.13-2 [community]
Ticket FS#61311
Created Tue Jan 8 19:03:24 2019
Issue Severity Remote Type Description
CVE-2017-18342 High Yes Arbitrary code execution
In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.