Skip to main content

Yamale

1 CVEs product

Monthly

CVE-2021-38305 PyPI HIGH PATCH This Week

23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

Python File Upload RCE Yamale
NVD GitHub
CVSS 3.1
7.8
EPSS
2.5%
EPSS 2% CVSS 7.8
HIGH PATCH This Week

23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

Python File Upload RCE +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy