snake Yaml 1.33 reports CVE-2022-1471
Issue #1069
invalid
we use snake Yaml 1.33 reports CVE-2022-1471. Kindly let us know when can this issue is fixed in 1.33
Comments (8)
-
-
- marked as minor
- marked as task
-
assigned issue to
-
- changed status to open
-
reporter Could You please lets us know the reason for declaring it as a false positive?
-
You will find many issues in this tracker to prove it.
Do you use Spring ?
-
reporter Yes
-
-
- changed status to invalid
Spring users are not affected
- Log in to comment
Just keep using SnakeYAML 1.33 - it is a false positive