From b5d851d653a974e48c47b9fac7699360747c3520 Mon Sep 17 00:00:00 2001
From: "huntr.dev | the place to protect open source" <admin@418sec.com>
Date: Sun, 17 Jan 2021 22:10:16 +0000
Subject: [PATCH] Security Fix for Arbitrary Code Execution - huntr.dev (#1962)

Co-authored-by: Anon-Artist <61599526+Anon-Artist@users.noreply.github.com>
Co-authored-by: Jamie Slome <jamie@418sec.com>
---
 train.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/train.py b/train.py
index 43cae4b31d06..f403a3c65b05 100644
--- a/train.py
+++ b/train.py
@@ -59,7 +59,7 @@ def train(hyp, opt, device, tb_writer=None, wandb=None):
     cuda = device.type != 'cpu'
     init_seeds(2 + rank)
     with open(opt.data) as f:
-        data_dict = yaml.load(f, Loader=yaml.FullLoader)  # data dict
+        data_dict = yaml.load(f, Loader=yaml.SafeLoader)  # data dict
     with torch_distributed_zero_first(rank):
         check_dataset(data_dict)  # check
     train_path = data_dict['train']