Skip to content

Commit

Permalink
FOLIO-3734: snakeyaml 2.0
Browse files Browse the repository at this point in the history 
Upgrade snakeyaml from 1.33 to 2.0 fixing Arbitrary Code Execution: https://nvd.nist.gov/vuln/detail/CVE-2022-1471

Spring Boot >= 3.0.3 is compatible with snakeyaml 2.x: spring-projects/spring-boot#34405
  • Loading branch information
@julianladisch
julianladisch committed Mar 3, 2023
1 parent a19e45f commit 9c87a48
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@
<!-- test dependencies -->
<wiremock-standalone.version>2.27.2</wiremock-standalone.version>
<testcontainers.version>1.17.6</testcontainers.version>
<snakeyaml.version>2.0</snakeyaml.version>
</properties>

<dependencies>
Expand Down

0 comments on commit 9c87a48

Please sign in to comment.