CVE-2019-10135

Published
View on NVD ↗
CVSS v3
7.2
HIGH
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT

Description

A flaw was found in the yaml.load() function in the osbs-client versions since 0.46 before 0.56.1. Insecure use of the yaml.load() function allowed the user to load any suspicious object for code execution via the parsing of malicious YAML files.

containerbuildsystem/osbs-client
containerbuildsystem/osbs-client
client for OpenShift Build Service
GitHubGitHub
39