boto@2.0b3 vulnerabilities

Amazon Web Services Library

Known vulnerabilities in the boto package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
C Arbitrary Code Execution Affected versions of this package are vulnerable to Arbitrary Code Execution via usage of unsafe `yaml.load()` method. How to fix Arbitrary Code Execution? Upgrade `boto` to version 2.39.0 or higher.	[,2.39.0)
H XML External Entity (XXE) Injection Affected versions of this package are vulnerable to XML External Entity (XXE) Injection by allowing their loading and resolving in a response body of the server error when using Squid. How to fix XML External Entity (XXE) Injection? Upgrade `boto` to version 2.9.0 or higher.	[,2.9.0)
M Arbitrary Code Execution `boto` is amazon Web Services Library. Affected versions of this package are vulnerable to Arbitrary Code Execution attacks via the insecure `YAML.load()` function.	[,2.39.0)