·
0 commits
to main
since this release
The jinja templating library allows arbitrary code execution unless run within a sandbox. This could allow arbitrary code execution if an untrusted config file were used to load the pipeline.