A flaw was found in the yaml.load() function in the osbs-client versions since 0.46 prior to 0.56.1. Insecure use of the yaml.load() function allowed the user to load any suspicious object for code execution via the parsing of malicious YAML files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
osbs-client project osbs-client |