Address unsafe yaml.load in PyYAML
Closed, ResolvedPublic


PyYAML has a yaml.load() function that provides arbitrary code execution before PyYAML v4.1 and is therefore deprecated - as of v5.1 - with a single file argument as described in

A minimum safe version should be provided and the necessary changes in the function call argument list must be upstreamed.

matetothpal triaged this task as Low priority.
matetothpal closed this task as Resolved.Nov 15 2019, 10:28 AM

Change for this issue had been merged.