Batch Importer (Bib/Acq) (UXPROD-47)

[LIQUTIL-30] snakeyaml 1.33 fixing DoS CVE-2022-38752

Created: 29/Sep/22
Updated: 03/Oct/22
Resolved: 01/Oct/22

Status: Closed
Project: liquibase-util
Components: None
Affects versions: 1.5.1
Fix versions: 1.5.2
Parent: Batch Importer (Bib/Acq)

Type: Bug
Priority: TBD
Reporter: Julian Ladisch
Assignee: Unassigned
Resolution: Done
Votes: 0
Labels: data-import, epam-folijet, security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Defines
defines UXPROD-3557 NFR: Data Import Technical, NFR, & Mi... Closed
Sprint:
Development Team: Folijet
Release: Nolana (R3 2022)
Epic Link: Batch Importer (Bib/Acq)
RCA Group: Related dependency upgrade

Description

Upgrade snakeyaml from 1.31 to 1.33 fixing Denial of Service (DoS) attacks caused by Stack-based Buffer Overflow: https://nvd.nist.gov/vuln/detail/CVE-2022-38752


Generated at Thu Feb 08 22:13:47 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.