Use yaml.safe_load() (!101) · Merge requests · infrastructure / qa-report-app

Emanuele Aina requested to merge wip/em/yaml-safe-load into master Jul 02, 2021

PyYAML.load() can create arbitrary Python objects, a malicious actor could exploit this to run arbitrary code.

Use yaml.safe_load()