Tag
cve-2017-18342
Safeguard articles tagged "cve-2017-18342" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
PyYAML Loader arbitrary code execution (CVE-2017-18342)
PyYAML's default yaml.load() Loader lets attackers run arbitrary code via crafted YAML input. Here's how CVE-2017-18342 works and how to fix it.
Dec 30, 20257 min read
Vulnerability Analysis
CVE-2017-18342: Arbitrary code execution via PyYAML yaml....
CVE-2017-18342 lets attackers achieve remote code execution via PyYAML's yaml.load(), which deserialized untrusted YAML into live Python objects by default.
Oct 6, 20258 min read