CVE-2023-47204
9.8CRITICALUnsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
Published: 11/2/2023Updated: 11/21/2024
Description
Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
AI AnalysisPowered by AI
Affected Products
toumorokoshitransmute-core
References
- https://github.com/toumorokoshi/transmute-core/pull/58Issue TrackingPatch
- https://github.com/toumorokoshi/transmute-core/releases/tag/v1.13.5Release Notes
- https://github.com/toumorokoshi/transmute-core/pull/58Issue TrackingPatch
- https://github.com/toumorokoshi/transmute-core/releases/tag/v1.13.5Release Notes