[jira] [Resolved] (KNOX-1194) AdminUI should use safe versions of YAML load and dump methods.

Phil Zampino (JIRA) Fri, 23 Feb 2018 19:40:26 -0800

     [ 
https://issues.apache.org/jira/browse/KNOX-1194?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Phil Zampino resolved KNOX-1194.
--------------------------------
    Resolution: Fixed

> AdminUI should use safe versions of YAML load and dump methods.
> ---------------------------------------------------------------
>
>                 Key: KNOX-1194
>                 URL: https://issues.apache.org/jira/browse/KNOX-1194
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: AdminUI
>    Affects Versions: 1.1.0
>            Reporter: Phil Zampino
>            Assignee: Phil Zampino
>            Priority: Major
>             Fix For: 1.1.0
>
>
> The AdminUI currently user js-yaml methods load and dump. It should be using 
> safeLoad and safeDump to limit the risks associated with handling untrusted 
> YAML.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (KNOX-1194) AdminUI should use safe versions of YAML load and dump methods.

Reply via email to