Unsafe YAML Load Function in Qlib's Workflow Function in CLI

Unsafe YAML Load Function in Qlib's Workflow Function in CLI

CVE-2021-23338 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

This affects all versions of package qlib. The workflow function in cli part of qlib was using an unsafe YAML load function.

Learn more about our Web Application Penetration Testing UK.