diff --git a/pkgs/development/python-modules/pyyaml/default.nix b/pkgs/development/python-modules/pyyaml/default.nix
index 95ceeab3a04b91..bc5c389ce58544 100644
--- a/pkgs/development/python-modules/pyyaml/default.nix
+++ b/pkgs/development/python-modules/pyyaml/default.nix
@@ -1,4 +1,4 @@
-{ lib, buildPythonPackage, fetchPypi, cython, libyaml, buildPackages }:
+{ lib, buildPythonPackage, fetchPypi, fetchpatch, cython, libyaml, buildPackages }:
 buildPythonPackage rec {
 pname = "PyYAML";
@@ -9,6 +9,14 @@ buildPythonPackage rec {
 sha256 = "0pb4zvkfxfijkpgd1b86xjsqql97ssf1knbd1v53wkg1qm9cgsmq";
 };
+ patches = [
+ (fetchpatch {
+ name = "CVE-2020-14343.patch";
+ url = "https://github.com/yaml/pyyaml/pull/472/commits/7adc0db3f613a82669f2b168edd98379b83adb3c.patch";
+ sha256 = "0802zjbp84c7bvja60cv9r9d36x143c62rl01mv35s32r5fids2n";
+ })
+ ];
+
 # force regeneration using Cython
 postPatch = ''
 rm ext/_yaml.c
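Review bot: The `fetchpatch` entry in the second hunk has no comment saying when it can be removed, and its `url` points at a commit inside pull request 472 rather than at a commit on the upstream default branch. The `sha256` pins the patch content, so the build cannot silently pick up a changed patch, but nothing visible here confirms that this PR commit matches the fix upstream finally shipped for CVE-2020-14343. I would add a line above `patches`, for example `# CVE-2020-14343 (FullLoader), backported from yaml/pyyaml#472; drop on the next version bump that includes the fix`, and switch the URL to the merged commit once one exists. The derivation body continues outside the hunk, so whether the package's test suite exercises the patched loader code cannot be seen from here.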