[issue44757] Insecure Deserialization
🖤Black Joker🖤
report at bugs.python.org
Wed Jul 28 03:04:52 EDT 2021
🖤Black Joker🖤 <akki.dw007 at gmail.com> added the comment:
Hi Steven D'Aprano,
well first of all thank you to posting reply on this. Could please fix this follwoing errors of the code?
import python
from CallNode call
where call = value::named("yaml.load").getACall()
where call.getrNode(), "yaml.load function is unsafe when loading data from untrusted sources. Use yaml.safe_load instead"
----------
resolution: -> wont fix
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue44757>
_______________________________________
More information about the Python-bugs-list
mailing list