UKGovLD / registry-core

Linked data registry - core application and example UI
https://github.com/UKGovLD/registry-core/wiki
Apache License 2.0

Bump Snakeyaml from 1.26 to 2.0 #183

Closed cfollenf closed 1 year ago

cfollenf commented 1 year ago

Current version of SnakeYAML (1.26) holds a critical vulnerability, CVE-2022-1471, which was updated yesterday, March 21st. Could you please bump it up to version 2.00?

der commented 1 year ago

Will do, but note that registry-core does not use yaml at all, let alone expose an endpoint for it to untrusted content.

der commented 1 year ago

Patched release done (thanks @simonoakesepimorphics)

cfollenf commented 1 year ago

Thanks again.