-
Task
-
Resolution: Done
-
Neutral
-
None
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
-
Yes
One or more dependencies were identified with known vulnerabilities in magnolia-addon-webapp: magnolia-community-webapp-6.2-SNAPSHOT.war: snakeyaml-1.33.jar (pkg:maven/org.yaml/snakeyaml@1.33, cpe:2.3:a:snakeyaml_project:snakeyaml:1.33:*:*:*:*:*:*:*, cpe:2.3:a:yaml_project:yaml:1.33:*:*:*:*:*:*:*) : CVE-2023-2251
https://nvd.nist.gov/vuln/detail/CVE-2023-2251
The issue affects a library not used by Magnolia, namely https://github.com/eemeli/yaml
Acceptance criteria