The update from SnakeYAML 1.33 to 2.0 includes important security enhancements to address a known vulnerability. In previous versions of SnakeYAML, it was possible for an attacker to exploit a YAML parsing vulnerability to execute arbitrary code on the host system.
SnakeYAML 2.0 includes several changes to mitigate this vulnerability. One of the key changes is the introduction of a new default parser, which is now based on the Jackson YAML parser. This new parser is designed to be more secure and resistant to malicious input than the previous parser.
The update from SnakeYAML 1.33 to 2.0 includes important security enhancements to address a known vulnerability. In previous versions of SnakeYAML, it was possible for an attacker to exploit a YAML parsing vulnerability to execute arbitrary code on the host system.
SnakeYAML 2.0 includes several changes to mitigate this vulnerability. One of the key changes is the introduction of a new default parser, which is now based on the Jackson YAML parser. This new parser is designed to be more secure and resistant to malicious input than the previous parser.