Skip to content

[GHSA-rprw-h62v-c2w7] PyYAML insecurely deserializes YAML strings leading to arbitrary code execution#7867

Merged
advisory-database[bot] merged 2 commits into
theinfosecguy/advisory-improvement-7867from
theinfosecguy-GHSA-rprw-h62v-c2w7
Jul 1, 2026
Merged

[GHSA-rprw-h62v-c2w7] PyYAML insecurely deserializes YAML strings leading to arbitrary code execution#7867
advisory-database[bot] merged 2 commits into
theinfosecguy/advisory-improvement-7867from
theinfosecguy-GHSA-rprw-h62v-c2w7

Conversation

@theinfosecguy

Copy link
Copy Markdown

Updates

  • Affected products

Comments
Version 4.1 is yanked from PyPi.

@github-actions github-actions Bot changed the base branch from main to theinfosecguy/advisory-improvement-7867 June 1, 2026 09:38
@advisory-database advisory-database Bot merged commit 910e5c3 into theinfosecguy/advisory-improvement-7867 Jul 1, 2026
4 checks passed
@advisory-database

Copy link
Copy Markdown
Contributor

Hi @theinfosecguy! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!

@advisory-database advisory-database Bot deleted the theinfosecguy-GHSA-rprw-h62v-c2w7 branch July 1, 2026 17:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant