2020-02-19 16:19:12
mitre
PUBLISHED
JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load() function. NOTE: this is a discontinued product.