Download
| Alert*
oval:org.secpod.oval:def:116138
YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML support ... oval:org.secpod.oval:def:116145 YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. PyYAML features a complete YAML 1.1 parser, Unicode support, pickle support, capable extension API, and sensible error messages. PyYAML support ... oval:org.secpod.oval:def:2105000 In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the "UnsafeLoader" has been introduced for backward compatibility with the function. oval:org.secpod.oval:def:2001337 In PyYAML before 4.1, the yaml.load API could execute arbitrary code. In other words, yaml.safe_load is not used. oval:org.secpod.oval:def:1900317 In python-yaml before 4.1, the yaml.load API could execute arbitrary code. In other words, yaml.safe_load is not used. oval:org.secpod.oval:def:1505630 [1.0.2-1.el8] - Fix multiple CVEs : CVE-2017-18342, CVE-2020-10109, CVE-2020-10108, CVE-2021-33203, CVE-2021-33571, CVE-2021-44420, CVE-2021-31542, CVE-2021-28658, CVE-2021-28957, CVE-2021-43818, CVE-2020-27783 [Orabug: 34109801] |