Code Execution Bug Affects Yamale Python Package — Used by Over 200 Projects
A high-severity code injection vulnerability has been disclosed in 23andMe’s Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code.