Uploaded image for project: 'Java Script UI (App and Dialog Fields)'
  1. Java Script UI (App and Dialog Fields)
  2. JSFIELD-35

Major vulnerability in maven:org.yaml:snakeyaml:1.33

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • High
    • 2.0.2
    • 2.0
    • None

    Description

      The current version of the JSFIELD moduleĀ 

      <dependency>
        <groupId>info.magnolia.ui</groupId>
        <artifactId>magnolia-ui-framework-javascript</artifactId>
        <version>2.0</version>
      </dependency>

      is dependent on maven:org.yaml:snakeyaml:1.33

      This dependency contains 1 medium and 1 major severity security issue and should be replaced:
      https://devhub.checkmarx.com/cve-details/CVE-2022-41854/?utm_source=jetbrains&utm_medium=referral&utm_campaign=idea&utm_term=maven

      https://devhub.checkmarx.com/cve-details/CVE-2022-1471/?utm_source=jetbrains&utm_medium=referral&utm_campaign=idea&utm_term=maven

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                tmiyar Teresa Miyar
                mevelt Michael Evelt
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: