Name | CVE-2011-4103 |
Description | emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more) |
References | DSA-2344-1 |
NVD severity | high (attack range: remote) |
Debian Bugs | 647315 |
The table below lists information on source packages.
The information below is based on the following data on fixed versions.