yaml.load is dangerous
Closed this issue · 0 comments
ipwnponies commented
Should use yaml.safe_load
. Or switch to strictyaml
instead, which doesn't parse python objects and have execution vulnerability.
Closed this issue · 0 comments
Should use yaml.safe_load
. Or switch to strictyaml
instead, which doesn't parse python objects and have execution vulnerability.