[TINKERPOP-2902] Critical security vulnerability in snakeyaml - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 3.6.2, 3.5.5
Fix Version/s: 3.7.0, 3.6.3, 3.5.6
Component/s: console, server
Labels:
None

Description

This critical security vulnerability was identified in versions of snakeyaml prior to 2.0

https://nvd.nist.gov/vuln/detail/CVE-2022-1471

Attachments

Issue Links

is duplicated by

TINKERPOP-2894 Need upgrade to snakeyaml 1.3.4 or later

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Aaron Coady

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 13/Mar/23 15:53

Updated:: 06/Apr/23 20:37

Resolved:: 06/Apr/23 20:37