Phil Zampino created KNOX-1194:

             Summary: AdminUI should use safe versions of YAML load and dump 
                 Key: KNOX-1194
             Project: Apache Knox
          Issue Type: Bug
          Components: AdminUI
    Affects Versions: 1.1.0
            Reporter: Phil Zampino
            Assignee: Phil Zampino
             Fix For: 1.1.0

The AdminUI currently user js-yaml methods load and dump. It should be using 
safeLoad and safeDump to limit the risks associated with handling untrusted 

This message was sent by Atlassian JIRA

Reply via email to