Количество 14
Количество 14
BDU:2021-03488
Уязвимость синтаксического анализатора PyYAML, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю выполнить произвольный код
CVE-2020-14343
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
CVE-2020-14343
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
CVE-2020-14343
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
CVE-2020-14343
CVE-2020-14343
A vulnerability was discovered in the PyYAML library in versions befor ...
SUSE-SU-2022:3231-1
Security update for python-PyYAML
SUSE-SU-2021:2818-1
Security update for python-PyYAML
RLSA-2021:2583
Moderate: python38:3.8 and python38-devel:3.8 security update
GHSA-8q59-q68h-6hv4
Improper Input Validation in PyYAML
ELSA-2021-2583
ELSA-2021-2583: python38:3.8 and python38-devel:3.8 security update (MODERATE)
SUSE-SU-2022:2841-1
Security update for python-PyYAML
SUSE-RU-2021:0985-1
Recommended update for the Azure SDK and CLI
BDU:2023-05108
Уязвимость компонента ext/fts3/fts3.c системы управления базами данных SQLite, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2021-03488 Уязвимость синтаксического анализатора PyYAML, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю выполнить произвольный код | CVSS3: 9.8 | 14% Средний | больше 4 лет назад |
 | CVE-2020-14343 A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747. | CVSS3: 9.8 | 14% Средний | почти 5 лет назад |
 | CVE-2020-14343 A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747. | CVSS3: 9.8 | 14% Средний | больше 5 лет назад |
 | CVE-2020-14343 A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747. | CVSS3: 9.8 | 14% Средний | почти 5 лет назад |
 | CVSS3: 9.8 | 14% Средний | около 2 лет назад | |
| CVE-2020-14343 A vulnerability was discovered in the PyYAML library in versions befor ... | CVSS3: 9.8 | 14% Средний | почти 5 лет назад |
 | SUSE-SU-2022:3231-1 Security update for python-PyYAML | 14% Средний | больше 3 лет назад | |
| SUSE-SU-2021:2818-1 Security update for python-PyYAML | 14% Средний | больше 4 лет назад | |
 | RLSA-2021:2583 Moderate: python38:3.8 and python38-devel:3.8 security update | 14% Средний | больше 4 лет назад | |
| GHSA-8q59-q68h-6hv4 Improper Input Validation in PyYAML | CVSS3: 9.8 | 14% Средний | больше 4 лет назад |
| ELSA-2021-2583 ELSA-2021-2583: python38:3.8 and python38-devel:3.8 security update (MODERATE) | больше 4 лет назад | ||
| SUSE-SU-2022:2841-1 Security update for python-PyYAML | больше 3 лет назад | ||
| SUSE-RU-2021:0985-1 Recommended update for the Azure SDK and CLI | больше 4 лет назад | ||
| BDU:2023-05108 Уязвимость компонента ext/fts3/fts3.c системы управления базами данных SQLite, позволяющая нарушителю выполнить произвольный код | CVSS3: 7 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу