{"id":"CVE-2021-23338","details":"This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.","aliases":["GHSA-hjr4-fhgp-23g9","PYSEC-2021-86","SNYK-PYTHON-QLIB-1054635"],"modified":"2026-03-14T10:46:45.800167Z","published":"2021-02-15T16:15:15.263Z","related":["SNYK-PYTHON-QLIB-1054635"],"references":[{"type":"ADVISORY","url":"https://snyk.io/vuln/SNYK-PYTHON-QLIB-1054635"},{"type":"FIX","url":"https://github.com/418sec/huntr/pull/1329"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-23338.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}]}