Homepage
About Snyk

boto@2.29.1 vulnerabilities

Amazon Web Services Library

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the boto package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Arbitrary Code Execution

Affected versions of this package are vulnerable to Arbitrary Code Execution via usage of unsafe yaml.load() method.

How to fix Arbitrary Code Execution?

Upgrade boto to version 2.39.0 or higher.

[,2.39.0)
  • M
Arbitrary Code Execution

boto is amazon Web Services Library.

Affected versions of this package are vulnerable to Arbitrary Code Execution attacks via the insecure YAML.load() function.

[,2.39.0)
Go back to all versions of this package