Uploaded image for project: 'TinkerPop'
  1. TinkerPop
  2. TINKERPOP-2902

Critical security vulnerability in snakeyaml

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 3.6.2, 3.5.5
    • 3.7.0, 3.6.3, 3.5.6
    • console, server
    • None

    Description

      This critical security vulnerability was identified in versions of snakeyaml prior to 2.0

      https://nvd.nist.gov/vuln/detail/CVE-2022-1471

      Attachments

        Issue Links

        is duplicated by

        Improvement - An improvement or enhancement to an existing feature or task. TINKERPOP-2894 Need upgrade to snakeyaml 1.3.4 or later

        • Major - Major loss of function.
        • Closed

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            acoady Aaron Coady
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment