CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2020-14343 – PyYAML: incomplete fix for CVE-2020-1747
https://notcve.org/view.php?id=CVE-2020-14343
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747. Se detectó una vulnerabilidad en la biblioteca PyYAML en versiones anteriores a 5.4, donde es susceptible una ejecución de código arbitrario cuando se procesan archivos YAML no confiables por medio del método full_load o con el cargador FullLoader. • https://github.com/j4k0m/loader-CVE-2020-14343 https://bugzilla.redhat.com/show_bug.cgi?id=1860466 https://github.com/SeldonIO/seldon-core/issues/2252 https://github.com/yaml/pyyaml/issues/420 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2020-14343 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2020-1747 – PyYAML: arbitrary command execution through python/object/new when FullLoader is used
https://notcve.org/view.php?id=CVE-2020-1747
A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor. Se descubrió una vulnerabilidad en la biblioteca PyYAML versiones anteriores a 5.3.1, donde es susceptible a una ejecución de código arbitraria cuando procesa archivos YAML no seguros por medio del método full_load o con el cargador FullLoader. Las aplicaciones que usan la biblioteca para procesar entradas no seguras pueden ser vulnerables a este fallo. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747 https://github.com/yaml/pyyaml/pull/386 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7PPAS6C4SZRDQLR7C22A5U3QOLXY33JX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY https://lists.fedoraproject&# • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 16%CPEs: 3EXPL: 1CVE-2019-20477 – PyYAML: command execution through python/object/apply constructor in FullLoader
https://notcve.org/view.php?id=CVE-2019-20477
PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342. PyYAML versiones 5.1 hasta 5.1.2, presenta restricciones insuficientes en las funciones load y load_all debido a un problema de deserialización de clase, por ejemplo, Popen es una clase en el módulo subprocess. NOTA: este problema se presenta debido a una corrección incompleta para el CVE-2017-18342. A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. • https://github.com/yaml/pyyaml/blob/master/CHANGES https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33VBUY73AA6CTTYL3LRWHNFDULV7PFPN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/52N5XS73Z5S4ZN7I7R56ICCPCTKCUV4H https://www.exploit-db.com/download/47655 https://access.redhat.com/security/cve/CVE-2019-20477 https://bugzilla.redhat.com/show_bug.cgi?id=1806005 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-18342
https://notcve.org/view.php?id=CVE-2017-18342
In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function. En PyYAML en versiones anteriores a 5.1, la API yaml.load () podría ejecutar código arbitrario si se usara con datos no confiables. La función load () ha quedado en desuso en la versión 5.1 y se ha introducido el "UnsafeLoader" para una compatibilidad hacia atrás con la función. • https://github.com/marshmallow-code/apispec/issues/278 https://github.com/yaml/pyyaml/blob/master/CHANGES https://github.com/yaml/pyyaml/issues/193 https://github.com/yaml/pyyaml/pull/74 https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load%28input%29-Deprecation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE http • CWE-502: Deserialization of Untrusted Data •