Please update the 'yaml' dependency version to 2.1.0 to fix CVE-2023-2251 Vulnerability

Question

Please update the 'yaml' dependency version to 2.1.0 to fix CVE-2023-2251 Vulnerability

Prateeks91 opened this issue 10 months ago · comments

Is your feature request related to a problem? Please describe.
Currently, the project is using yaml:2.0.0-1, which is prone to CVE-2023-2251 Vulnerability

Describe the solution you'd like
The suggested solution is to upgrade to yaml: 2.1.0

Danilo Assis · Answer 1 · Wed Aug 23 2023 23:53:16 GMT+0800 (China Standard Time)

hi @Prateeks91 can you send a pull request, please?

Prateeks91 · Answer 2 · Thu Aug 24 2023 02:26:51 GMT+0800 (China Standard Time)

@daniloab sure. Here you go #378

stale · Answer 3 · Mon Oct 23 2023 09:01:12 GMT+0800 (China Standard Time)

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.