Related vulnerabilities

PYSEC-2021-86

Vulnerability from pysec - Published: 2021-02-15 16:15 - Updated: 2021-06-09 05:01
Details

This affects all versions of package qlib. The workflow function in the CLI part of qlib was using an unsafe YAML load function.

Impacted products
Name purl
pyqlib pkg:pypi/pyqlib

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "pyqlib",
        "purl": "pkg:pypi/pyqlib"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.6.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.5.0.dev10",
        "0.5.0.dev7",
        "0.5.0.dev8",
        "0.5.0.dev9",
        "0.5.1",
        "0.5.1.dev0",
        "0.6.0",
        "0.6.1",
        "0.6.2"
      ]
    }
  ],
  "aliases": [
    "CVE-2021-23338",
    "SNYK-PYTHON-QLIB-1054635"
  ],
  "details": "This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.",
  "id": "PYSEC-2021-86",
  "modified": "2021-06-09T05:01:32.318077Z",
  "published": "2021-02-15T16:15:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/418sec/huntr/pull/1329"
    },
    {
      "type": "ADVISORY",
      "url": "https://snyk.io/vuln/SNYK-PYTHON-QLIB-1054635"
    }
  ]
}