메뉴 건너뛰기

GREATUSER

cve

CVE-2017-16618

관리자 2017.11.09 04:00 조회 수 : 12

An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMixin before 2.0.0a12. A "Load YAML" string or file (aka load_yaml or load_yamlf) can execute arbitrary Python commands resulting in command execution because load is used where safe_load should have been used. An attacker can insert Python into loaded YAML to trigger this vulnerability.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16618
번호 제목 글쓴이 날짜 조회 수
467 CVE-2017-18049 관리자 2018.01.25 13
466 CVE-2017-17406 관리자 2018.01.25 13
465 CVE-2017-16607 관리자 2018.01.25 13
464 CVE-2018-1042 관리자 2018.01.25 13
463 CVE-2017-16661 관리자 2017.11.09 13
462 CVE-2017-14099 관리자 2017.09.04 13
461 CVE-2018-6029 관리자 2018.01.25 12
460 CVE-2017-16659 관리자 2017.11.09 12
459 CVE-2017-16660 관리자 2017.11.09 12
458 CVE-2017-16616 관리자 2017.11.09 12
» CVE-2017-16618 관리자 2017.11.09 12
456 CVE-2017-16650 관리자 2017.11.09 12
455 CVE-2017-9805 관리자 2017.09.16 12
454 CVE-2017-15094 관리자 2018.01.25 11
453 CVE-2018-1000014 관리자 2018.01.25 11
위로