Content-Length: 269021 | pFad | https://github.com/github/codeql/issues/19664

7B CodeQL Docs: SnakeYaml is now secure by default · Issue #19664 · github/codeql · GitHub
Skip to content

CodeQL Docs: SnakeYaml is now secure by default #19664

New issue
New issue
Open
Open
CodeQL Docs: SnakeYaml is now secure by default#19664
Labels
JavaquestionFurther information is requested
@JLLeitschuh

Description

@JLLeitschuh
JLLeitschuh
opened on Jun 3, 2025

https://codeql.github.com/codeql-query-help/java/java-unsafe-deserialization/

This query currently documents that SnakeYaml is currently insecure by default. As of 2.0, this is no longer the case. It's now secure by default. This should be updated in the documentation, and the query, if relevant, should also be updated.

Metadata

Metadata

Assignees

No one assigned

    Labels

    JavaquestionFurther information is requested

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions








      ApplySandwichStrip

      pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


      --- a PPN by Garber Painting Akron. With Image Size Reduction included!

      Fetched URL: https://github.com/github/codeql/issues/19664

      Alternative Proxies:

      Alternative Proxy

      pFad Proxy

      pFad v3 Proxy

      pFad v4 Proxy