F5-K000139901
First published: Wed Jun 05 2024(Updated: )
In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 BIG-IP | >=17.1.0<=17.1.1 | |
| F5 BIG-IP | >=16.1.0<=16.1.4 | |
| F5 BIG-IP | >=15.1.0<=15.1.10 | |
| F5 BIG-IQ Centralized Management | >=8.1.0<=8.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/f5-advisory
- source/F5
- alias/CVE-2017-18342
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/type
- agent/references
- agent/description
- agent/first-publish-date
- agent/tags
- agent/softwarecombine
- agent/event
- vendor/f5
- canonical/f5 big-ip
- version/f5 big-ip/17.1.0
- version/f5 big-ip/17.1.1
- version/f5 big-ip/16.1.0
- version/f5 big-ip/16.1.4
- version/f5 big-ip/15.1.0
- version/f5 big-ip/15.1.10
- canonical/f5 big-iq centralized management
- version/f5 big-iq centralized management/8.1.0
- version/f5 big-iq centralized management/8.3.0