You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@tomee.apache.org by "Yugandher reddy vonteddu (Jira)" <ji...@apache.org> on 2022/09/12 07:09:00 UTC

[jira] [Created] (TOMEE-4041) 4 CVE Vulnerabilities in snakeyaml-1.30.jar

Yugandher reddy vonteddu created TOMEE-4041:
-----------------------------------------------

             Summary: 4 CVE Vulnerabilities in snakeyaml-1.30.jar 
                 Key: TOMEE-4041
                 URL: https://issues.apache.org/jira/browse/TOMEE-4041
             Project: TomEE
          Issue Type: Bug
    Affects Versions: 8.0.12
            Reporter: Yugandher reddy vonteddu


There are 4 new CVE variabilities in snakeyaml-1.30.jar 

[CVE-2022-25857|https://nvd.nist.gov/vuln/detail/CVE-2022-25857]

[CVE-2022-38749|https://nvd.nist.gov/vuln/detail/CVE-2022-38749]

[CVE-2022-38750|https://nvd.nist.gov/vuln/detail/CVE-2022-38750]

[CVE-2022-38751|https://nvd.nist.gov/vuln/detail/CVE-2022-38751]

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)