Address unsafe yaml.load in PyYAML
Closed, ResolvedPublic

Description

PyYAML has a yaml.load() function that provides arbitrary code execution before PyYAML v4.1 and is therefore deprecated - as of v5.1 - with a single file argument as described in

https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation

A minimum safe version should be provided and the necessary changes in the function call argument list must be upstreamed.

matetothpal triaged this task as Low priority.
matetothpal closed this task as Resolved.Fri, Nov 15, 10:28 AM

Change for this issue had been merged.