AZL-31782 — Vulnetix

AZL-31782 PUBLISHED CVSS 9.800000190734863 CRITICAL

CVE-2020-14343 affecting package PyYAML for versions less than 5.4.1-1

Risk Scores

CVSS 3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Azure Linux:2	PyYAML	0

Exploit Intelligence

A web application vulnerable to CVE-2020-14343 insecure deserialization leading to command execution in PyYAML package. (github-poc-repo)
CVE-2020-14343的payload (github-poc-repo)
sijie52/yasa-cve-2020-14343 (github-poc-repo)
sijie52/yasa-cve-2020-14343 (github-poc)
CVE-2020-14343的payload (github-poc)
A web application vulnerable to CVE-2020-14343 insecure deserialization leading to command execution in PyYAML package. (github-poc)
eventSendReport_test.cpp (github-poc)
sarif.json (github-poc)
cve_security_tests.rs (github-poc)
guard-yaml.js (github-poc)

…and 1 more exploits

Timeline

Feb 9, 2021 CVE Published
Apr 21, 2026 CVE Updated

References

https://nvd.nist.gov/vuln/detail/CVE-2020-14343 url

Open in Interactive Console →

$ Console Community · 100/wk Open console ›