mule-pachanady
commented
1 year ago branch name seems not right
Closed mule-pachanady closed 1 year ago
mule-pachanady
commented
1 year ago branch name seems not right
In October of 2022, a critical flaw was found in the SnakeYAML package, which allowed an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Finally, in February 2023, the SnakeYAML 2.0 release was pushed that resolves this flaw, also referred to as CVE-2022-1471. Let’s break down how this version can help you resolve this critical flaw.