CVE-2022-1471 in SnakeYAML 1.33

[dkirrane]

Out project reports the following CVE when we use latest io.swagger.parser.v3:swagger-parser:2.1.18 https://nvd.nist.gov/vuln/detail/CVE-2022-1471

Is it possible to move to SnakeYaml v2 to resolve this CVE?

[frantuma]

2.1.8 and current swagger-parser uses SnakeYaml 2.2, which is not affected by the mentioned vulnerability. Please verify that your tooling is providing correct result and targeting the right version, and please close ticket if the above is correct