Skip to content

CodeQL Docs: SnakeYaml is now secure by default #19664

New issue
New issue
Open
Open
CodeQL Docs: SnakeYaml is now secure by default#19664
Labels
questionFurther information is requested
@JLLeitschuh

Description

@JLLeitschuh
JLLeitschuh
opened on Jun 3, 2025

https://codeql.github.com/codeql-query-help/java/java-unsafe-deserialization/

This query currently documents that SnakeYaml is currently insecure by default. As of 2.0, this is no longer the case. It's now secure by default. This should be updated in the documentation, and the query, if relevant, should also be updated.

Metadata

Metadata

Assignees

No one assigned

    Labels

    questionFurther information is requested

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions