Closed kamadorueda closed 3 years ago
I have updated the Loader to FullLoader in the fix/max-col-width. Are you using Python 2.7 or 3.x? The new version will deprecate Python 2.7 and will only work with Python 3.x.
That's awesome!
Seems like FullLoader is also vulnerable: https://github.com/yaml/pyyaml/issues/420
I've updated the issue
Fixed in #102
here: https://github.com/awslabs/aws-cfn-template-flip/blob/master/cfn_tools/yaml_loader.py#L20
as explained here:
https://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML
and in the source-code comment:
is insecure, we should use SafeLoader instead
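
The SafeLoader approach proposed in this issue, as an added example that is not the project's own code from `cfn_tools/yaml_loader.py`: a `SafeLoader` subclass that still understands CloudFormation short-form tags such as `!Ref` and `!Sub`, while documents carrying `!!python/...` tags are refused. The names `CfnSafeLoader`, `load_template` and `is_rejected`, and both sample documents, are constructed for illustration; PyYAML must be installed.

```python
import yaml
from yaml.constructor import ConstructorError


class CfnSafeLoader(yaml.SafeLoader):
    """SafeLoader subclass (hypothetical name): plain data plus CloudFormation tags."""


def _construct_cfn_tag(loader, tag_suffix, node):
    # "!Ref x" -> {"Ref": x}; any other "!Name x" -> {"Fn::Name": x}
    key = tag_suffix if tag_suffix in ("Ref", "Condition") else "Fn::" + tag_suffix
    if isinstance(node, yaml.ScalarNode):
        value = loader.construct_scalar(node)
    elif isinstance(node, yaml.SequenceNode):
        value = loader.construct_sequence(node, deep=True)
    else:
        value = loader.construct_mapping(node, deep=True)
    return {key: value}


# Only local tags (single "!") are handled. "!!python/..." expands to
# "tag:yaml.org,2002:python/...", which SafeLoader has no constructor for.
CfnSafeLoader.add_multi_constructor("!", _construct_cfn_tag)

# Constructed sample template.
SAMPLE_TEMPLATE = """
Resources:
  Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub "${AWS::StackName}-logs"
Outputs:
  Name:
    Value: !Ref Bucket
"""

# Constructed sample: a tag that asks the loader to resolve a Python name.
UNTRUSTED_DOC = "Description: !!python/name:builtins.len\n"


def load_template(text):
    """Parse a template into dicts, lists and scalars only."""
    return yaml.load(text, Loader=CfnSafeLoader)


def is_rejected(text):
    """Return True when the safe loader refuses to construct the document."""
    try:
        load_template(text)
    except ConstructorError:
        return True
    return False
```
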