Upgrade SnakeYaml to 2.0 - CVE-2022-1471

We are not reading/parsing user content, so we are not vulnerable to this CVE, but worth updating to avoid endless explanations to QSAs.
jpos · Jun 22, 2023 · 748aa3b · 748aa3b
1 parent 3d28f82
commit 748aa3b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/jpos/libraries.gradle b/jpos/libraries.gradle
@@ -24,7 +24,7 @@ ext {
         slf4j_api: "org.slf4j:slf4j-api:1.7.32",
         slf4j_nop: "org.slf4j:slf4j-nop:1.7.32",
         hdrhistogram: 'org.hdrhistogram:HdrHistogram:2.1.12',
-        yaml: "org.yaml:snakeyaml:1.33"
+        yaml: "org.yaml:snakeyaml:2.0"
     ]
 }