A flaw was found in the yaml.load() function in the osbs-client versions since 0.46 before 0.56.1. Insecure use of the yaml.load() function allowed the user to load any suspicious object for code execution via the parsing of malicious YAML files.Referenceshttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10135https://github.com/containerbuildsystem/osbs-client/pull/865
