메뉴 건너뛰기

GREATUSER

cve

CVE-2017-16616

관리자 2017.11.09 04:00 조회 수 : 10

An exploitable vulnerability exists in the YAML parsing functionality in the YAMLParser method in Interfaces.py in PyAnyAPI before 0.6.1. A YAML parser can execute arbitrary Python commands resulting in command execution because load is used where safe_load should have been used. An attacker can insert Python into loaded YAML to trigger this vulnerability.


원문출처 : https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16616
번호 제목 글쓴이 날짜 조회 수
482 CVE-2017-16604 관리자 2018.01.25 14
481 CVE-2017-14457 관리자 2018.01.25 14
480 CVE-2017-16647 관리자 2017.11.09 14
479 CVE-2017-11610 관리자 2017.08.27 14
478 CVE-2016-3220 관리자 2016.06.17 14
477 CVE-2017-2741 관리자 2018.01.25 13
476 CVE-2017-2742 관리자 2018.01.25 13
475 CVE-2017-15092 관리자 2018.01.25 13
474 CVE-2017-15091 관리자 2018.01.25 13
473 CVE-2017-15093 관리자 2018.01.25 13
472 CVE-2018-1000016 관리자 2018.01.25 13
471 CVE-2017-17406 관리자 2018.01.25 13
470 CVE-2015-6472 (wago_i/o_plc_750-849_firmware, wago_i/o_plc_750-881_firmware, wago_i/o_plc_758-870_firmware) 관리자 2017.08.27 13
469 CVE-2018-6029 관리자 2018.01.25 12
468 CVE-2017-16607 관리자 2018.01.25 12
위로