CVE-2022-41854/CVE-2022-38752 Snakeyaml vulnerable to Stack overflow leading to denial of service
Resolves #16062
parent
ae189c5a34
commit
e3ccba3903
1 changed files with 7 additions and 0 deletions
7
pom.xml
7
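--- a/pom.xml
+++ b/pom.xml
@@ -119,6 +119,8 @@
 <google.guava.version>30.1-jre</google.guava.version>
 <xstream.version>1.4.20</xstream.version>
 <okhttp.version>4.10.0</okhttp.version>
+<!-- Override of SnakeYAML to fix multiple CVEs -->
+<org.yaml.snakeyaml.version>1.33</org.yaml.snakeyaml.version>
 
 <!-- Openshift -->
 <version.com.openshift.openshift-restclient-java>9.0.5.Final</version.com.openshift.openshift-restclient-java>
@@ -315,6 +317,11 @@
 <artifactId>logging-interceptor</artifactId>
 <version>${okhttp.version}</version>
 </dependency>
+<dependency>
+<groupId>org.yaml</groupId>
+<artifactId>snakeyaml</artifactId>
+<version>${org.yaml.snakeyaml.version}</version>
+</dependency>
 <dependency>
 <groupId>org.jboss</groupId>
 <artifactId>jboss-dmr</artifactId>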
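Review bot: The override comment above `<org.yaml.snakeyaml.version>` does not say which CVEs it addresses or which dependency pulls SnakeYAML in transitively, so nobody will know when the pin can be dropped. Something like `<!-- Pin SnakeYAML for CVE-2022-41854 / CVE-2022-38752 (#16062); remove once the upstream dependency ships a fixed version -->` would record that. The enclosing section of the new `<dependency>` entry in the second hunk is outside the hunk; I assume it is `<dependencyManagement>`, which is worth confirming, along with checking that `mvn dependency:tree -Dincludes=org.yaml:snakeyaml` resolves to 1.33 in every module. The bump only covers the parser-level stack overflow, so any code path that loads untrusted YAML should still use `SafeConstructor` and bounded `LoaderOptions` rather than rely on the version alone.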