CVE-2020-14343
published 2021-02-09CVE-2020-14343: A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted…
PriorityP258critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
5.98%
92.4th percentile
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pyyaml | < pyyaml 5.3.1-4 (bookworm) | pyyaml 5.3.1-4 (bookworm) |
| docling-project | docling-core | — | — |
| docling-project | docling-core | >= 2.21.0 < 2.48.4 | 2.48.4 |
| docling | docling-core | >= 2.21.0 < 2.48.4 | 2.48.4 |
| msrc | cbl2_pyyaml_5.4.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| oracle | communications_cloud_native_core_network_function_cloud_native_environment | — | — |
| oracle | communications_cloud_native_core_network_function_cloud_native_environment | — | — |
| paloalto | pan-os | — | — |
| pyyaml | pyyaml | >= 0 < 5.3.1-4 | 5.3.1-4 |
| pyyaml | pyyaml | >= 0 < 5.3.1-4 | 5.3.1-4 |
| pyyaml | pyyaml | >= 0 < 5.3.1-4 | 5.3.1-4 |
| pyyaml | pyyaml | >= 0 < 5.3.1-4 | 5.3.1-4 |
| pyyaml | pyyaml | >= 0 < 5.4 | 5.4 |
| pyyaml | pyyaml | >= 5.1 < 5.4 | 5.4 |
Detection & IOCsextracted from sources · hover to see the quote
- →Detect exploitation attempts via the python/object/new YAML constructor in untrusted YAML input processed by PyYAML's FullLoader or full_load method ↗
- →Flag use of PyYAML's full_load() method or FullLoader loader when processing untrusted input — these are the vulnerable code paths ↗
- →Audit code for yaml.load() calls not using SafeLoader, or any use of yaml.full_load() / FullLoader on externally-supplied YAML data ↗
- ·Ansible Tower 3.7 uses PyYAML 3.12 but is NOT affected because load() is called with SafeLoader explicitly specified ↗
- ·Red Hat Quay 3.4+ is NOT affected because it uses safe_load, not full_load/FullLoader ↗
- ·Despite a CVSS score of 9.8, Red Hat rates impact as Moderate because PyYAML provides yaml.safe_load as the safe alternative for untrusted input ↗
- ·This vulnerability is an incomplete fix for CVE-2020-1747; environments patched only for CVE-2020-1747 remain vulnerable unless upgraded to PyYAML >= 5.4 ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
ghsa9.8CRITICAL
osv9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_msrc9.8CRITICAL
vendor_oracle9.8CRITICAL
vendor_redhat9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage
osv·2026-01-22·CVSS 9.8
CVE-2026-24009 [CRITICAL] docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage
docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage
### Impact
A PyYAML-related Remote Code Execution (RCE) vulnerability, namely CVE-2020-14343, is exposed in `docling-core >=2.21.0, <2.48.4` and, specifically only if the application uses `pyyaml < 5.4` and invokes `docling_core.types.doc.DoclingDocument.load_from_yaml()` passing it untrusted YAML data.
### Patches
The vulnerability has been patched in `docling-core` version **2.48.4**.
The fix mitigates the issue by switching `PyYAML` deserialization from `yaml.FullLoader` to `yaml.SafeLoader`, ensuring that untrusted data cannot trigger code execution.
### Workarounds
Users who cannot immediately upgrade `docling-core` can alternatively ensure that the installed version of `PyYAML` is **5.4 or greater**, which
GHSA
docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage
ghsa·2026-01-22·CVSS 9.8
CVE-2026-24009 [CRITICAL] CWE-502 docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage
docling-core vulnerable to Remote Code Execution via unsafe PyYAML usage
### Impact
A PyYAML-related Remote Code Execution (RCE) vulnerability, namely CVE-2020-14343, is exposed in `docling-core >=2.21.0, <2.48.4` and, specifically only if the application uses `pyyaml < 5.4` and invokes `docling_core.types.doc.DoclingDocument.load_from_yaml()` passing it untrusted YAML data.
### Patches
The vulnerability has been patched in `docling-core` version **2.48.4**.
The fix mitigates the issue by switching `PyYAML` deserialization from `yaml.FullLoader` to `yaml.SafeLoader`, ensuring that untrusted data cannot trigger code execution.
### Workarounds
Users who cannot immediately upgrade `docling-core` can alternatively ensure that the installed version of `PyYAML` is **5.4 or greater**, which
OSV
Improper Input Validation in PyYAML
osv·2021-03-25·CVSS 9.8
CVE-2020-14343 [CRITICAL] Improper Input Validation in PyYAML
Improper Input Validation in PyYAML
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
GHSA
Improper Input Validation in PyYAML
ghsa·2021-03-25·CVSS 9.8
CVE-2020-14343 [CRITICAL] CWE-20 Improper Input Validation in PyYAML
Improper Input Validation in PyYAML
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
OSV
CVE-2020-14343: A vulnerability was discovered in the PyYAML library in versions before 5
osv·2021-02-09·CVSS 9.8
CVE-2020-14343 [CRITICAL] CVE-2020-14343: A vulnerability was discovered in the PyYAML library in versions before 5
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
Palo Alto
PAN-SA-2025-0006 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2025-02-12·CVSS 7.1
CVE-2015-5312 [HIGH] PAN-SA-2025-0006 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2025-0006 Informational Bulletin: Impact of OSS CVEs in PAN-OS
T he Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2015-5312, CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, CVE-2016-4738, CVE-2018-1111, CVE-2018-14634, CVE-2018-18653, CVE-2019-0145, CVE-2019-8331, CVE-2020-0599, CVE-2020-14343, CVE-2020-14779, CVE-2020-27844, CVE-2020-29569, CVE-2021-21315, CVE-2021-27853, CVE-2021-27854, CVE-2021-27861, CVE-2021-27862, CVE-2021-3618, CVE-2021-3711, CVE-2022-2097, CVE-2022-22816, CVE-2022-40303, CVE-2022-41723, CVE-2022-41741, CVE-2022-41742, CVE-2023-3247, CVE-2023-38408, CVE-2023-44466, CVE-2023-50781, CVE-2023-50782, CVE-2024-12084, CV
Oracle
Oracle Oracle PeopleSoft Risk Matrix: Porting (PyYAML) — CVE-2020-14343
vendor_oracle·2023-04-15·CVSS 9.8
CVE-2020-14343 [CRITICAL] Oracle Oracle PeopleSoft Risk Matrix: Porting (PyYAML) — CVE-2020-14343
Oracle Oracle PeopleSoft Risk Matrix: Porting (PyYAML) vulnerability
CVE: CVE-2020-14343
CVSS: 9.8
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuapr2023 (APR 2023)
Oracle
Oracle Oracle Communications Risk Matrix: CNE (PyYAML) — CVE-2020-14343
vendor_oracle·2022-07-15·CVSS 9.8
CVE-2020-14343 [CRITICAL] Oracle Oracle Communications Risk Matrix: CNE (PyYAML) — CVE-2020-14343
Oracle Oracle Communications Risk Matrix: CNE (PyYAML) vulnerability
CVE: CVE-2020-14343
CVSS: 9.8
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpujul2022 (JUL 2022)
Oracle
Oracle Oracle Communications Risk Matrix: OC-CNE (PyYAML) — CVE-2020-14343
vendor_oracle·2022-04-15·CVSS 9.8
CVE-2020-14343 [CRITICAL] Oracle Oracle Communications Risk Matrix: OC-CNE (PyYAML) — CVE-2020-14343
Oracle Oracle Communications Risk Matrix: OC-CNE (PyYAML) vulnerability
CVE: CVE-2020-14343
CVSS: 9.8
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuapr2022 (APR 2022)
Ubuntu
PyYAML vulnerability
vendor_ubuntu·2021-05-10
CVE-2020-14343 PyYAML vulnerability
Title: PyYAML vulnerability
Summary: PyYAML could be made to run programs if it opened a specially crafted YAML
file.
It was discovered that PyYAML incorrectly handled untrusted YAML files with
the FullLoader loader. A remote attacker could possibly use this issue to
execute arbitrary code.
Instructions: In general, a standard system update will make all the necessary changes.
Microsoft
A vulnerability was discovered in the PyYAML library in versions before 5.4 where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or w
vendor_msrc·2021-02-09·CVSS 9.8
CVE-2020-14343 [CRITICAL] CWE-20 A vulnerability was discovered in the PyYAML library in versions before 5.4 where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or w
A vulnerability was discovered in the PyYAML library in versions before 5.4 where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure
Red Hat
PyYAML: incomplete fix for CVE-2020-1747
vendor_redhat·2020-07-22·CVSS 9.8
CVE-2020-14343 [CRITICAL] CWE-20 PyYAML: incomplete fix for CVE-2020-1747
PyYAML: incomplete fix for CVE-2020-1747
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted inpu
Debian
CVE-2020-14343: pyyaml - A vulnerability was discovered in the PyYAML library in versions before 5.4, whe...
vendor_debian·2020·CVSS 9.8
CVE-2020-14343 [CRITICAL] CVE-2020-14343: pyyaml - A vulnerability was discovered in the PyYAML library in versions before 5.4, whe...
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
Scope: local
bookworm: resolved (fixed in 5.3.1-4)
bullseye: resolved (fixed in 5.3.1-4)
forky: resolved (fixed in 5.3.1-4)
sid: resolved (fixed in 5.3.1-4)
trixie: resolved (fixed in 5.3.1-4)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2020-14343 PyYAML: incomplete fix for CVE-2020-1747 [fedora-all]
bugzilla·2020-07-24·CVSS 9.8
CVE-2020-14343 [CRITICAL] CVE-2020-14343 PyYAML: incomplete fix for CVE-2020-1747 [fedora-all]
CVE-2020-14343 PyYAML: incomplete fix for CVE-2020-1747 [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedor
Bugzilla
CVE-2020-14343 python3-PyYAML: PyYAML: incomplete fix for CVE-2020-1747 [epel-all]
bugzilla·2020-07-24·CVSS 9.8
CVE-2020-14343 [CRITICAL] CVE-2020-14343 python3-PyYAML: PyYAML: incomplete fix for CVE-2020-1747 [epel-all]
CVE-2020-14343 python3-PyYAML: PyYAML: incomplete fix for CVE-2020-1747 [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versi
Bugzilla
CVE-2020-14343 PyYAML: incomplete fix for CVE-2020-1747
bugzilla·2020-07-24·CVSS 9.8
CVE-2020-14343 [CRITICAL] CVE-2020-14343 PyYAML: incomplete fix for CVE-2020-1747
CVE-2020-14343 PyYAML: incomplete fix for CVE-2020-1747
The fix made in PyYAML for CVE-2020-1747 was not sufficient to resolve the issue.
Reference:
https://github.com/yaml/pyyaml/issues/420
Discussion:
Created PyYAML tracking bugs for this issue:
Affects: fedora-all [bug 1860469]
Created python2-pyyaml tracking bugs for this issue:
Affects: epel-all [bug 1860470]
Created python3-PyYAML tracking bugs for this issue:
Affects: epel-all [bug 1860468]
---
OpenStack: set to 'notaffected' because the packaged RHOSP version (PyYAML-3.10-11.el7) doesn't have the FullLoader code (lib/yaml/loader.py and constructor.py).
---
Mitigation:
Use `yaml.safe_load` or the SafeLoader loader when you parse untrusted input.
---
FullLoader, which is the class where this vulnerability lies, was
Bugzilla
CVE-2020-14343 python2-pyyaml: PyYAML: incomplete fix for CVE-2020-1747 [epel-all]
bugzilla·2020-07-24·CVSS 9.8
CVE-2020-14343 [CRITICAL] CVE-2020-14343 python2-pyyaml: PyYAML: incomplete fix for CVE-2020-1747 [epel-all]
CVE-2020-14343 python2-pyyaml: PyYAML: incomplete fix for CVE-2020-1747 [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versi
arXiv
VulnRepairEval: An Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities
arxiv_fulltext·2025-09-03
VulnRepairEval: An Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities
: An Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities
Weizhe Wang
Co-first author.
Tianjin University
China
Wei Ma
[1]
Singapore Management University
Singapore
Qiang Hu
Tianjin University
China
Yao Zhang
Corresponding author. [email protected], [email protected]
Tianjin University
China
Jianfei Sun
Singapore Management University
Singapore
Bin Wu
Tianjin University
China
Yang Liu
Nanyang Technological University
Singapore
Guangquan Xu
[2]
Tianjin University
China
Lingxiao Jiang
Singapore Management University
Singapore
Wang and Ma et al.
software vulnerability repair, LLM, exploit-based evaluation, benchmark
## Abstract
The adoption of Large Language Models (LLMs) for automated software vulnerability patching has sh
Bleepingcomputer
Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
blogs_bleepingcomputer·2023-11-14·CVSS 7.8
[HIGH] Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
## Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
## Lawrence Abrams
16 Elevation of Privilege Vulnerabilities
6 Security Feature Bypass Vulnerabilities
15 Remote Code Execution Vulnerabilities
6 Information Disclosure Vulnerabilities
5 Denial of Service Vulnerabilities
11 Spoofing Vulnerabilities
The total count of 58 flaws does not include 5 Mariner security updates and 20 Microsoft Edge security updates released earlier this month.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5032190 cumulative update and Windows 10 KB5032189 cumulative update .
## Five zero-days fixed
This month's Patch Tuesday fixes five zero-day vulnerabilities, with three exploited in attacks and three publicl
https://bugzilla.redhat.com/show_bug.cgi?id=1860466https://github.com/SeldonIO/seldon-core/issues/2252https://github.com/yaml/pyyaml/issues/420https://www.oracle.com/security-alerts/cpuapr2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1860466https://github.com/SeldonIO/seldon-core/issues/2252https://github.com/yaml/pyyaml/issues/420https://www.oracle.com/security-alerts/cpuapr2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.html
2021-02-09
Published