projects
/
osm
/
N2VC.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Fix security bug: Deserialization of Untrusted Data
[osm/N2VC.git]
/
n2vc
/
k8s_helm_base_conn.py
diff --git
a/n2vc/k8s_helm_base_conn.py
b/n2vc/k8s_helm_base_conn.py
index
952630a
..
d446b9b
100644
(file)
--- a/
n2vc/k8s_helm_base_conn.py
+++ b/
n2vc/k8s_helm_base_conn.py
@@
-1888,7
+1888,7
@@
class K8sHelmBaseConnector(K8sConnector):
for key in params:
value = params.get(key)
if "!!yaml" in str(value):
- value = yaml.load(value[7:])
+ value = yaml.
safe_
load(value[7:])
params2[key] = value
values_file = get_random_number() + ".yaml"