Search CVE reports
1 – 5 of 5 results
CVE-2020-14343
Medium priorityA vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader....
1 affected package
pyyaml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pyyaml | — | — | Fixed | Not affected | Not affected |
CVE-2020-1747
Low priorityA vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader....
1 affected package
pyyaml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pyyaml | — | — | Not affected | Not affected | Not affected |
CVE-2019-20477
Low priorityPyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete...
1 affected package
pyyaml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pyyaml | — | — | Not affected | Not affected | Not affected |
CVE-2017-18342
Low priorityIn PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the ‘UnsafeLoader’ has been introduced for backward compatibility with...
1 affected package
pyyaml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pyyaml | — | — | Not affected | Ignored | Ignored |
CVE-2014-9130
Medium prioritySome fixes available 9 of 12
scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.
3 affected packages
libyaml, libyaml-libyaml-perl, pyyaml
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libyaml | — | — | — | — | — |
libyaml-libyaml-perl | — | — | — | — | — |
pyyaml | — | — | — | — | — |