pulpcore 3.7 branch needs PyYAML dep raised to include 5.4.x to fix CVE-2020-14343 (backport 205c903bb22)
Backport request for 205c903bb2232d7f6fb8291c2f6ab0ba74442f9e into 3.7 branch, maybe others.
CVE-2020-14343 (Improper Input Validation in PyYAML)
pulpcore 3.7 branch (and latest release 3.7.4) have PyYaml dep:
which prevents updating to PyYaml 5.4.1
Please register to edit this issue