Use SafeLoader with yaml.load | Critiq Docs

#Metadata

Rule ID: py.security.insecure-yaml-load
Severity: medium
Confidence: 0.9
Languages: python
Presets: security, strict
Stability: stable
Applies to: block
Tags: deserialization, python, rules-catalog, security, yaml

#Why it matters

Unsafe YAML deserialization can instantiate arbitrary Python objects and lead to unexpected code paths.

#Remediation

Prefer `yaml.safe_load` or pass `Loader=yaml.SafeLoader` explicitly for trusted-safe parsing behavior.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/python/py.security.insecure-yaml-load.rule.yaml.

Back to directory Open rule in repository