08-04-2022 01:20 AM
Hello,
It seems that one of the Genie dependent library, ruamel.yaml, has vulnerability issue.
Please refer to these links for more details.
https://nvd.nist.gov/vuln/detail/CVE-2019-20478#range-4480638
https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe%3A2.3%3Aa%3Aruamel.yaml_project%3Aruamel.yaml%3A0.1%3A*%3A*%3A*%3A*%3A*%3A*%3A*
I would like to know whether Genie library uses safe_load method for calling ruamel.yaml.
If no, is there a way to do so when I use pyATS?
08-15-2022 06:11 AM
Hi @Darven,
That's a good question. I hope it uses the safe_load method and not the load method.
Here are a few places to find out!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community