Upgrade to PyYAML 4.2
jleni opened this issue · 1 comments
jleni commented
Describe the bug
There is a known vulnerability in PyYAML 3.2.
At the moment, there is no release for PyYAML 4.2
yaml/pyyaml#193
Additional context
The use of yml files is limited to configuration files. While the fix will be address as fast as possible, it does not seem to be leading to a critical vulnerability in the network. It is recommended not to use third party yml files for the configuration of nodes.