Vulnerable version of SnakeYAML is being used in api

[radon-86]

Major SpongeAPI version

11

Is this likely to be a breaking change?

Yes

What are you requesting?

According to my security tool which I am using Sponge API version 11 is using the package SnakeYAML version 1.28, which is vulnerable to various attacks, according to Snyk: https://security.snyk.io/package/maven/org.yaml:snakeyaml/1.28.

[zml2008]

security tools are not a substitute for a brain.