Skip to content

Commit

Permalink
Fix# 1982: Fix security issue related to PyYAML dependency(#1983)
Browse files Browse the repository at this point in the history
  • Loading branch information
@krtkvrm @RishabhJain2018
krtkvrm authored and RishabhJain2018 committed Jan 7, 2019
1 parent 513ddf6 commit b3abc4e
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion apps/challenges/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -563,7 +563,7 @@ def create_challenge_using_zip_file(request, challenge_host_team_pk):

try:
with open(join(BASE_LOCATION, unique_folder_name, yaml_file), "r") as stream:
yaml_file_data = yaml.load(stream)
yaml_file_data = yaml.safe_load(stream)
except (yaml.YAMLError, ScannerError) as exc:
message = 'Error in creating challenge. Please check the yaml configuration!'
response_data = {
Expand Down
2 changes: 1 addition & 1 deletion requirements/common.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,6 @@ pika==0.10.0
pickleshare==0.7.4
Pillow==3.4.2
psycopg2==2.7.3.2
PyYaml==3.12
PyYaml==4.2b1
proc==0.10.1
rstr==2.2.5

0 comments on commit b3abc4e

Please sign in to comment.