Описание
qlib Deserialization of Untrusted Data vulnerability
This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.
Пакеты
Наименование
pyqlib
pip
Затронутые версииВерсия исправления
< 0.7.0
0.7.0
Связанные уязвимости
CVSS3: 6.6
nvd
почти 5 лет назад
This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.