2021-02-14 03:05:22
mitre
PUBLISHED
config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used.