메뉴 건너뛰기

GREATUSER

cve

CVE-2017-16618

관리자 2017.11.09 04:00 조회 수 : 13

An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMixin before 2.0.0a12. A "Load YAML" string or file (aka load_yaml or load_yamlf) can execute arbitrary Python commands resulting in command execution because load is used where safe_load should have been used. An attacker can insert Python into loaded YAML to trigger this vulnerability.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16618
번호 제목 글쓴이 날짜 조회 수
467 CVE-2017-2742 관리자 2018.01.25 16
466 CVE-2017-15093 관리자 2018.01.25 16
465 CVE-2018-1000012 관리자 2018.01.25 16
464 CVE-2018-1000011 관리자 2018.01.25 16
463 CVE-2017-16616 관리자 2017.11.09 16
462 CVE-2017-16645 관리자 2017.11.09 16
461 CVE-2017-9805 관리자 2017.09.16 16
460 CVE-2017-7693 관리자 2017.08.27 16
459 CVE-2017-15091 관리자 2018.01.25 15
458 CVE-2018-1000016 관리자 2018.01.25 15
457 CVE-2017-18049 관리자 2018.01.25 15
456 CVE-2018-1042 관리자 2018.01.25 15
455 CVE-2017-12114 관리자 2018.01.25 15
454 CVE-2017-14120 관리자 2017.09.04 15
453 CVE-2017-14121 관리자 2017.09.04 15
위로