geometry icon indicating copy to clipboard operation
geometry copied to clipboard

Published 20 hours ago verified publisher icon ros

Unsafe call to yaml.load

Open vmatare opened this issue 5 years ago • 0 comments

https://github.com/ros/geometry/blob/00a32d024af476bf50822e6df2fe2ec97765b1a9/tf/src/tf/listener.py#L97

yaml.load is deprecated, and this call should be replaced with e.g. yaml.safe_load

See https://nvd.nist.gov/vuln/detail/CVE-2017-18342 Cf. https://github.com/ros/ros_comm/commit/29053c4832229efa7160fb944c05e3bc82e11540

vmatare avatar Oct 27 '19 15:10 vmatare