PYSEC-2021-86

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/pyqlib/PYSEC-2021-86.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2021-86
Aliases
Published
2021-02-15T16:15:00Z
Modified
2024-04-29T11:41:20.084768Z
Summary
[none]
Details

This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.

References

Affected packages

PyPI / pyqlib

Package

Name
pyqlib
View open source insights on deps.dev
Purl
pkg:pypi/pyqlib

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.6.3

Affected versions

0.*
0.5.0.dev7
0.5.0.dev8
0.5.0.dev9
0.5.0.dev10
0.5.1.dev0
0.5.1
0.6.0
0.6.1
0.6.2

Database specific

source 
"https://github.com/pypa/advisory-database/blob/main/vulns/pyqlib/PYSEC-2021-86.yaml"