Resolve CVE for PyYAML - CVE-2020-14343 #2252

axsaucedo · 2020-08-07T07:51:11Z

Report here
Redhat report here

axsaucedo · 2020-10-15T16:49:19Z

Currently being worked as part of PYYAML 5.4 https://github.com/yaml/pyyaml/projects/5

axsaucedo · 2021-01-20T12:43:29Z

This has now been resolved and is part of the latest release, so will add a task to upgrade to latest pyyaml for the next sprint yaml/pyyaml#420

axsaucedo added security Pull requests that address a security vulnerability triage Needs to be triaged and prioritised accordingly labels Aug 7, 2020

axsaucedo added this to the 1.3 milestone Aug 7, 2020

axsaucedo mentioned this issue Aug 7, 2020

Jenkins x snyk security checks #2251

Merged

ukclivecox removed the triage Needs to be triaged and prioritised accordingly label Aug 13, 2020

ukclivecox modified the milestones: 1.3, 1.4 Aug 20, 2020

axsaucedo modified the milestones: 1.4, 1.5 Oct 15, 2020

ukclivecox modified the milestones: 1.5, 1.6 Nov 30, 2020

axsaucedo mentioned this issue Jan 26, 2021

2252 resolve pyyaml cve #2891

Merged

axsaucedo closed this as completed in #2891 Jan 27, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Resolve CVE for PyYAML - CVE-2020-14343 #2252

Resolve CVE for PyYAML - CVE-2020-14343 #2252

axsaucedo commented Aug 7, 2020

axsaucedo commented Oct 15, 2020

axsaucedo commented Jan 20, 2021

Resolve CVE for PyYAML - CVE-2020-14343 #2252

Resolve CVE for PyYAML - CVE-2020-14343 #2252

Comments

axsaucedo commented Aug 7, 2020

axsaucedo commented Oct 15, 2020

axsaucedo commented Jan 20, 2021