vulnerability
Alma Linux: CVE-2019-20477: Moderate: python38:3.8 security, bug fix, and enhancement update (ALSA-2020-4641)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Feb 19, 2020 | May 4, 2022 | Aug 11, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 19, 2020
Added
May 4, 2022
Modified
Aug 11, 2025
Description
PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.
Solutions
alma-upgrade-python38-asn1cryptoalma-upgrade-python38-cffialma-upgrade-python38-chardetalma-upgrade-python38-cryptographyalma-upgrade-python38-cythonalma-upgrade-python38-idnaalma-upgrade-python38-markupsafealma-upgrade-python38-mod_wsgialma-upgrade-python38-psycopg2alma-upgrade-python38-psycopg2-docalma-upgrade-python38-psycopg2-testsalma-upgrade-python38-pycparseralma-upgrade-python38-pysocksalma-upgrade-python38-pytzalma-upgrade-python38-requestsalma-upgrade-python38-scipy
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.