1 results (0.001 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2011-4103 – Debian Security Advisory 2344-1
https://notcve.org/view.php?id=CVE-2011-4103
12 Nov 2011 — emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method. emitters.py en Django Piston anterior a 0.2.3 y 0.2.x anterior a 0.2.2.1 no deserializa debidamente los datos YAML, lo que permite a atacantes remotos ejecutar código Python arbitrario a través de vectores relacionados con el método yaml.load. It was discovered that the Piston framework can dese... • http://www.debian.org/security/2011/dsa-2344 • CWE-20: Improper Input Validation •