Safety vulnerability ID: 25777
The information on this page was manually curated by our Cybersecurity Intelligence Team.
emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.
Latest version: 0.2.3
Piston is a Django mini-framework for creating APIs.
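An audit check for the pattern this advisory describes, added here as an example (it is not code from Piston or from this database): it walks a Python source file's AST and reports calls to yaml.load that do not pass a safe Loader. It assumes PyYAML is imported under the name yaml; the function names and the sample source are constructed for illustration.

```python
import ast

# Loaders that build only plain data types; anything else (or none) is flagged.
SAFE_LOADERS = {"SafeLoader", "CSafeLoader", "BaseLoader", "CBaseLoader"}
UNSAFE_CALLS = {"load", "load_all", "unsafe_load", "unsafe_load_all"}

def _loader_name(node):
    """Return the class name from an expression such as yaml.SafeLoader."""
    if isinstance(node, ast.Attribute):
        return node.attr
    return node.id if isinstance(node, ast.Name) else None

def find_unsafe_yaml_loads(source, filename="<src>"):
    """Return sorted (line, call) pairs for yaml.load-style calls without a safe Loader."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        func = node.func
        if not (isinstance(func.value, ast.Name) and func.value.id == "yaml"
                and func.attr in UNSAFE_CALLS):
            continue
        # The Loader may be the second positional argument or a keyword.
        loader = _loader_name(node.args[1]) if len(node.args) > 1 else None
        for kw in node.keywords:
            if kw.arg == "Loader":
                loader = _loader_name(kw.value)
        if func.attr.startswith("unsafe_") or loader not in SAFE_LOADERS:
            findings.append((node.lineno, "yaml." + func.attr))
    return sorted(findings)

# Constructed sample source, not Piston's actual emitters.py.
SAMPLE = '''
import yaml
def parse_body(raw):
    return yaml.load(raw)
def parse_body_explicit(raw):
    return yaml.load(raw, Loader=yaml.Loader)
def parse_body_safe(raw):
    return yaml.safe_load(raw)
def parse_body_safe_loader(raw):
    return yaml.load(raw, Loader=yaml.SafeLoader)
'''

if __name__ == "__main__":
    for line, call in find_unsafe_yaml_loads(SAMPLE):
        print(f"line {line}: {call} without a safe Loader")
```

The check does not follow import aliases (for example, import yaml as y), so treat an empty result as a first pass rather than proof that no unsafe call exists.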