Unknown · Transmute-Core · CVE-2023-47204
**Name of the Vulnerable Software and Affected Versions**
transmute-core versions prior to 1.13.5
**Description**
The issue concerns unsafe YAML deserialization in the yaml.Loader component of transmute-core, allowing attackers to execute arbitrary Python code.
**Recommendations**
For versions prior to 1.13.5, update to version 1.13.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the yaml.Loader component until a patch is available.