CVE-2023-47204
9.8CRITICALUnsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
Publicado: 11/2/2023Actualizado: 11/21/2024
Descripción
Unsafe YAML deserialization in yaml.Loader in transmute-core before 1.13.5 allows attackers to execute arbitrary Python code.
Análisis IAImpulsado por IA
Productos Afectados
toumorokoshitransmute-core
Referencias
- https://github.com/toumorokoshi/transmute-core/pull/58Issue TrackingPatch
- https://github.com/toumorokoshi/transmute-core/releases/tag/v1.13.5Release Notes
- https://github.com/toumorokoshi/transmute-core/pull/58Issue TrackingPatch
- https://github.com/toumorokoshi/transmute-core/releases/tag/v1.13.5Release Notes