uap-java icon indicating copy to clipboard operation
uap-java copied to clipboard

Published 20 hours ago verified publisher icon ua-parser

Bumped snakeyaml to 1.31 to mitigate CVE-2022-25857

Open Gozke opened this issue 2 years ago • 0 comments

Hi There,

Our project is using this great piece of library, but the OWASP dep. checker has noticed that the version of snakeyaml you're using has a vulnerability. (CVE-2022-25857)

What I did:

  • Bumped the version to the latest in the pom.xml
  • Built the project and executed the unit tests. (mvn test) It checked out all fine so I'm assuming that the new version's compatible with the uap-java.

Gozke avatar Sep 05 '22 08:09 Gozke