codeql/2021-10-26-ruamel.yaml-modeling.md at z80coder/ATM-feature-optimisation - codeql - Gitea: Git with a cup of tea

hohn/codeql

mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00

Files

Rasmus Wriedt Larsen 1ce09afa08 Python: Add modeling of ruamel.yaml PyPI package

2021-10-26 17:48:10 +02:00

231 B

Raw Permalink Blame History

lgtm,codescanning

Added modeling of the ruamel.yaml PyPI package, resulting in additional sinks for the Deserializing untrusted input (py/unsafe-deserialization) query (since ruamel.yaml.load can lead to code execution).