VYPR

PyPI package

django-piston

pkg:pypi/django-piston

Vulnerabilities (1)

  • CVE-2011-4103Oct 27, 2014
    affected >= 0.2.0, < 0.2.2.1fixed 0.2.2.1

    emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.