Skip to content
This repository was archived by the owner on Jan 31, 2025. It is now read-only.
This repository was archived by the owner on Jan 31, 2025. It is now read-only.

Vulnerabilities in snakeyaml used by Jet #3128

Open
Open
Vulnerabilities in snakeyaml used by Jet#3128
Labels
securityPull requests that address a security vulnerabilityseverity:highVulnerability scan classification for High Severity issues
Milestone
4.5.5
@olukas

Description

@olukas
olukas
opened on Dec 6, 2022

Jet elasticsearch uses snakeyaml in version 1.33 which includes following vulnerability:

The same CVE is in jmx_prometheus_javaagent-0.16.1.jar (shaded: org.yaml:snakeyaml:1.29).

Metadata

Metadata

Assignees

No one assigned

    Labels

    securityPull requests that address a security vulnerabilityseverity:highVulnerability scan classification for High Severity issues

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions