chartify icon indicating copy to clipboard operation
chartify copied to clipboard

Published 20 hours ago verified publisher icon spotify

Update options.py

Open mdakh404 opened this issue 3 years ago • 0 comments

What this PR does / why we need it: It fixes the insecure YAML deserialization bug found on the _core/options.py module, it uses yaml.safe_load() rather than the unsafe function yaml.load(), insecure deserialization, in this case, leads to Arbitrary Code Execution.

Which issue(s) this PR fixes it fixes the insecure yaml deserialization, using yaml.safe_load() rather than yamlload()

mdakh404 avatar Aug 29 '21 17:08 mdakh404