Bug#953013: [Python-modules-team] Bug#953013: pyyaml: CVE-2020-1747: arbitrary command execution through python/object/new when FullLoader is used

2020-03-07 Salvatore Bonaccorso
Hi Scott, On Sat, Mar 07, 2020 at 01:52:36AM -0500, Scott Kitterman wrote: > On Tuesday, March 3, 2020 11:41:26 AM EST Salvatore Bonaccorso wrote: > > Hi Scott, > > > > On Tue, Mar 03, 2020 at 09:19:06AM -0500, Scott Kitterman wrote: > > > On Tuesday, March 3, 2020 2:29:51 AM EST Salvatore

Bug#953013: [Python-modules-team] Bug#953013: pyyaml: CVE-2020-1747: arbitrary command execution through python/object/new when FullLoader is used

2020-03-06 Scott Kitterman
On Tuesday, March 3, 2020 11:41:26 AM EST Salvatore Bonaccorso wrote: > Hi Scott, > > On Tue, Mar 03, 2020 at 09:19:06AM -0500, Scott Kitterman wrote: > > On Tuesday, March 3, 2020 2:29:51 AM EST Salvatore Bonaccorso wrote: > > > Source: pyyaml > > > Version: 5.3-1 > > > Severity: important > > >

Bug#953013: [Python-modules-team] Bug#953013: pyyaml: CVE-2020-1747: arbitrary command execution through python/object/new when FullLoader is used

2020-03-03 Moritz Mühlenhoff
On Tue, Mar 03, 2020 at 12:15:09PM -0500, Scott Kitterman wrote: > On Tuesday, March 3, 2020 11:41:26 AM EST Salvatore Bonaccorso wrote: > > OK. If anyone has a reproducer for this, it'd be very helpful to sort it out. > > I think this is like the recent CVE for python-bleach where the affected

Bug#953013: [Python-modules-team] Bug#953013: pyyaml: CVE-2020-1747: arbitrary command execution through python/object/new when FullLoader is used

2020-03-03 Scott Kitterman
On Tuesday, March 3, 2020 11:41:26 AM EST Salvatore Bonaccorso wrote: > Hi Scott, > > On Tue, Mar 03, 2020 at 09:19:06AM -0500, Scott Kitterman wrote: > > On Tuesday, March 3, 2020 2:29:51 AM EST Salvatore Bonaccorso wrote: > > > Source: pyyaml > > > Version: 5.3-1 > > > Severity: important > > >

Bug#953013: [Python-modules-team] Bug#953013: pyyaml: CVE-2020-1747: arbitrary command execution through python/object/new when FullLoader is used

2020-03-03 Salvatore Bonaccorso
Hi Scott, On Tue, Mar 03, 2020 at 09:19:06AM -0500, Scott Kitterman wrote: > On Tuesday, March 3, 2020 2:29:51 AM EST Salvatore Bonaccorso wrote: > > Source: pyyaml > > Version: 5.3-1 > > Severity: important > > Tags: security upstream > > Forwarded: https://github.com/yaml/pyyaml/pull/386 > > >