https://bugzilla.redhat.com/show_bug.cgi?id=2272329
Bug ID: 2272329
Summary: CVE-2022-1471 snakeyaml: Constructor Deserialization
Remote Code Execution [epel-all]
Product: Fedora EPEL
Version: epel8
Status: NEW
Component: snakeyaml
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: fedoraproject.org(a)bluhm-de.com
Reporter: ntait(a)redhat.com
CC: fedoraproject.org(a)bluhm-de.com,
java-sig-commits(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, mizdebsk(a)redhat.com, mo(a)morsi.org
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
http://bugzilla.redhat.com/show_bug.cgi?id=2150009
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2272329
Report this comment as SPAM:
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=rep...