github · nona2512 · Sep 4, 2022
diff --git a/advisories/github-reviewed/2019/01/GHSA-rprw-h62v-c2w7/GHSA-rprw-h62v-c2w7.json b/advisories/github-reviewed/2019/01/GHSA-rprw-h62v-c2w7/GHSA-rprw-h62v-c2w7.json
@@ -1,50 +1,28 @@
 {
   "schema_version": "1.2.0",
   "id": "GHSA-rprw-h62v-c2w7",
-  "modified": "2022-07-18T19:40:16Z",
+  "modified": "2022-09-04T16:03:24Z",
   "published": "2019-01-04T17:45:26Z",
   "aliases": [
     "CVE-2017-18342"
   ],
   "summary": "PyYAML insecurely deserializes YAML strings leading to arbitrary code execution",
   "details": "In PyYAML before 4.1, the yaml.load() API could execute arbitrary code. In other words, yaml.safe_load is not used.",
   "severity": [
-    {
-      "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
-    }
+
   ],
   "affected": [
     {
       "package": {
         "ecosystem": "PyPI",
-        "name": "PyYAML"
-      },
-      "ecosystem_specific": {
-        "affected_functions": [
-          "yaml.load",
-          "yaml.dump",
-          "safe_dump_all",
-          "safe_dump",
-          "yaml.CSafeLoader",
-          "yaml.CLoader",
-          "yaml.CSafeDumper",
-          "yaml.CDumper",
-          "yaml.SafeDumper",
-          "yaml.Dumper",
-          "yaml.SafeLoader",
-          "yaml.Loader"
-        ]
+        "name": ""
       },
       "ranges": [
         {
           "type": "ECOSYSTEM",
           "events": [
             {
               "introduced": "0"
-            },
-            {
-              "fixed": "4.1"
             }
           ]
         }
@@ -101,7 +79,7 @@
     "cwe_ids": [
       "CWE-502"
     ],
-    "severity": "CRITICAL",
+    "severity": "LOW",
     "github_reviewed": true
   }
 }