Safety vulnerability ID: 41355
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Ortec.scientific.benchmarks.loadbuilding 1.0.1 includes a security patch for the function 'safeFindRoot' in 'ortec/scientific/benchmarks/loadbuilding/solution/read/YAMLtoThreeDsolution.py'. The function used the unsafe yaml.load(), which allows instantiation of arbitrary objects. Consider yaml.safe_load().
https://github.com/ORTECScientificBenchmarks/ortec-scientific-benchmarks-loadbuilding/commit/81b5f1ad38bc25ddf8ce1e988cb540a8d7f43482
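An added example, not code from the ORTEC project or this advisory: a loader built on yaml.safe_load() that accepts plain data and rejects a document carrying a Python-specific tag. The function names and both sample documents are constructed for illustration, and PyYAML is assumed to be installed.

```python
import yaml
from yaml.constructor import ConstructorError

# Constructed sample inputs (not taken from the ORTEC benchmark files).
PLAIN_DOC = """
solution:
  containers:
    - id: 1
      items: [4, 7]
"""
# Carries a Python-specific tag; the callable named here is benign.
TAGGED_DOC = "solution: !!python/object/apply:os.getcwd []\n"


def load_solution_yaml(text):
    """Hypothetical loader: parse untrusted YAML into plain data only."""
    try:
        # safe_load builds only standard YAML types (dict, list, str, int, ...)
        # and has no constructor for python/* tags.
        data = yaml.safe_load(text)
    except ConstructorError as exc:
        raise ValueError(f"rejected non-standard YAML tag: {exc.problem}") from exc
    except yaml.YAMLError as exc:
        raise ValueError(f"malformed YAML: {exc}") from exc
    if not isinstance(data, dict):
        # Also covers an empty document, which safe_load returns as None.
        raise ValueError("expected a mapping at the document root")
    return data


def classify(text):
    """Return 'accepted' or the reason the document was refused."""
    try:
        load_solution_yaml(text)
        return "accepted"
    except ValueError as exc:
        return str(exc)


if __name__ == "__main__":
    for name, doc in (("plain", PLAIN_DOC), ("tagged", TAGGED_DOC)):
        print(name, "->", classify(doc))
```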
Latest version: 1.0
Tools for working with the ORTEC loadbuilding benchmark problems