Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/pyyaml@5.2-1?distro=trixie
purl pkg:deb/debian/pyyaml@5.2-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-tk2n-xsk7-aqb9 PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342. CVE-2019-20477
GHSA-3pqx-4fqf-j49f
PYSEC-2020-176

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T10:53:28.414421+00:00 Debian Importer Fixing VCID-tk2n-xsk7-aqb9 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T07:22:45.869568+00:00 Debian Importer Fixing VCID-tk2n-xsk7-aqb9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:51:03.951561+00:00 Debian Importer Fixing VCID-tk2n-xsk7-aqb9 https://security-tracker.debian.org/tracker/data/json 38.1.0