Known Vulnerabilities for products from Pyyaml
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Pyyaml".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search, so that the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed, based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-14343 | A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execut... | 9.8 - CRITICAL | 2021-02-09 | 2023-07-06 |
| CVE-2020-1747 | A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code exec... | 9.8 - CRITICAL | 2020-03-24 | 2023-11-07 |
| CVE-2019-20477 | PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization ... | 9.8 - CRITICAL | 2020-02-19 | 2023-11-07 |
| CVE-2017-18342 | In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has b... | 9.8 - CRITICAL | 2018-06-27 | 2023-11-07 |
| CVE-2014-9130 | scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent att... | 5 - MEDIUM | 2014-12-08 | 2017-12-09 |
| CVE-2014-2525 | Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent atta... | 6.8 - MEDIUM | 2014-03-28 | 2018-10-30 |
| CVE-2013-6393 | The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote at... | 6.8 - MEDIUM | 2014-02-06 | 2018-10-30 |