PyPI package
django-piston
pkg:pypi/django-piston
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-4103 | — | >= 0.2.0, < 0.2.2.1 | 0.2.2.1 | Oct 27, 2014 | emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method. |
- CVE-2011-4103Oct 27, 2014affected >= 0.2.0, < 0.2.2.1fixed 0.2.2.1
emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.