Safety vulnerability ID: 41375
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Pyphi 1.2.0 includes a security patch for the function 'load_file' in 'pyphi/conf.py'. It used the unsafe yaml.load(), that allows instantiation of arbitrary objects. Consider yaml.safe_load().
https://github.com/wmayner/pyphi/commit/494023f9eec4a17a8ab3f70c04fc314ecb7de777#diff-d4ca6ddd6df63ee73ec2ce90f8982e22cb4aa8833367feea781224d2f9a54dcc
Latest version: 1.2.0
Python library for computing integrated information.
Pyphi version 1.2.0 includes a security patch for the function 'load_file' in 'pyphi/conf.py'. Use of unsafe yaml load. Allows instantiation of arbitrary objects. Consider yaml.safe_load(). See also: https://github.com/wmayner/pyphi/commit/494023f9eec4a17a8ab3f70c04fc314ecb7de777#diff-d4ca6ddd6df63ee73ec2ce90f8982e22cb4aa8833367feea781224d2f9a54dcc
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application