Candidate: CVE-2011-4103
PublicDate: 2014-10-27 01:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4103
Description:
 emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not
 properly deserialize YAML data, which allows remote attackers to execute
 arbitrary Python code via vectors related to the yaml.load method.
Ubuntu-Description: 
Notes: 
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/python-django-piston/+bug/884910
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 

Patches_python-django-piston:
 debdiff: https://launchpad.net/bugs/884910
upstream_python-django-piston: released (0.2.2-2)
hardy_python-django-piston: DNE
lucid_python-django-piston: DNE
maverick_python-django-piston: released (0.2.2-1ubuntu0.2)
natty_python-django-piston: released (0.2.2-1ubuntu1.11.04.1)
oneiric_python-django-piston: released (0.2.2-1ubuntu1.11.10.1)
devel_python-django-piston: not-affected (0.2.2-2)