There is a vulnerability in snakeyaml 1.23,upgrade recommended

Open QiAnXinCodeSafe opened this issue 5 years ago • 0 comments

https://github.com/didi/benchmark-thrift/blob/e6a6caf235f4ef81d3b1ccb20b812840f27a9c44/pom.xml#L19-L21

CVE-2017-18640

Recommended upgrade version：1.26

Nov 30 '20 02:11 QiAnXinCodeSafe