Skip to content

Commit e571c89

Browse files
torresashjiancybertorresashjiancyber
committed
security: Replace unsafe YAML loader with safe loader
VC-53769
1 parent 0e4e1ca commit e571c89

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

vcert/parser/yaml_parser.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ def parse(yaml_string):
4646
log.error('yaml string is empty')
4747
raise VenafiParsingError
4848

49-
yaml = YAML(typ='unsafe')
49+
yaml = YAML(typ='safe')
5050
data = yaml.load(yaml_string)
5151
policy = parse_data(data)
5252

@@ -65,6 +65,6 @@ def serialize(policy_spec, file_path):
6565
abs_path = os.path.abspath(file_path)
6666
data = parse_policy_spec(policy_spec)
6767
f = open(abs_path, 'w')
68-
yaml = YAML(typ='unsafe')
68+
yaml = YAML(typ='safe')
6969
yaml.dump(data, f)
7070
f.close()

0 commit comments

Comments
 (0)