Nirvinana

Name of the Vulnerable Software and Affected Versions: EdgeGallery/developer versions prior to 1.0 Description: The issue is related to the deserialization of a yaml file, which can allow attackers to execute system commands by uploading a maliciously constructed YAML file. Recommendations: For versions prior to 1.0, update to version 1.0 or later to resolve the issue. As a temporary workaround, consider restricting the upload of YAML files or validating the contents of uploaded YAML files to prevent malicious constructions.