Liran Tal 

⚠️ A vulnerability for #SnakeYaml, a well-known #YAML 1.1 parser and emitter for #Java, was recently reported https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471/

Learn how CVE-2022-1471 can lead to arbitrary code execution and how best to mitigate it from
@brianverm

Unsafe deserialization in SnakeYaml - Exploring CVE-2022-1471 | Snyk

SnakeYaml, a YAML 1.1 parser and emitter for Java, has been reported as vulnerable to CVE-2022-1471, a deserialization vulnerability that can lead to arbitrary code execution.

Snyk
Dec 13, 2022 at 8:49pmWeb