Lucene search
RedhatCVELIST:CVE-2019-10135HistoryJul 11, 2019 - 12:00 a.m.
CVE-2019-10135
2019-07-1100:00:00
CWE-502
redhat
www.cve.org
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
41.1%
A flaw was found in the yaml.load() function in the osbs-client versions since 0.46 before 0.56.1. Insecure use of the yaml.load() function allowed the user to load any suspicious object for code execution via the parsing of malicious YAML files.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "osbs-client",
"versions": [
{
"version": "since 0.46 before 0.56.1",
"status": "affected"
}
]
}
]Related
cve
cve
CVE-2019-10135
2019-07-11 19:15:12
osv
osv
CVE-2019-10135
2019-07-11 19:15:12
nvd
nvd
CVE-2019-10135
2019-07-11 19:15:12
redhatcve
redhatcve
CVE-2019-10135
2019-06-20 05:52:01
prion
prion
Design/Logic Flaw
2019-07-11 19:15:00
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
41.1%
Related for CVELIST:CVE-2019-10135