toastdriven/django-tastypie

Releases28

Frequency4 months 1 week

Last Release over 6 years ago

Stars4

Creating delicious APIs for Django apps since 2010.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2011-4104 ↗	Oct 27, 2014Monday, 27 October 2014, 01:55	—	7.5 HIGH
The from_yaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.