summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjitendra007 <jitendra.sharma1@huawei.com>2020-08-21 11:04:56 +0530
committerBogumil Zebek <bogumil.zebek@nokia.com>2020-08-21 06:15:49 +0000
commit89325b0b6a011787637f76bf3b423fed905088ec (patch)
tree28ece1edcf7a47cab59ffb9b91aa7772150cb05a
parent87abb288ba1e107fb75148effd967420b6c76148 (diff)
Fix snakeyaml vulnerability
Issue-ID: VNFSDK-584 Signed-off-by: jitendra007 <jitendra.sharma1@huawei.com> Change-Id: Id132227aa3392fb55cd1ea357b07cb29b91a33e4
-rw-r--r--vnfmarket-be/vnf-sdk-marketplace/pom.xml20
1 files changed, 20 insertions, 0 deletions
diff --git a/vnfmarket-be/vnf-sdk-marketplace/pom.xml b/vnfmarket-be/vnf-sdk-marketplace/pom.xml
index 41139fb3..5d68fd40 100644
--- a/vnfmarket-be/vnf-sdk-marketplace/pom.xml
+++ b/vnfmarket-be/vnf-sdk-marketplace/pom.xml
@@ -104,8 +104,28 @@
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>com.fasterxml.jackson.dataformat</groupId>
+ <artifactId>jackson-dataformat-yaml</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.dataformat</groupId>
+ <artifactId>jackson-dataformat-yaml</artifactId>
+ <version>2.9.5</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.yaml</groupId>
+ <artifactId>snakeyaml</artifactId>
+ </exclusion>
</exclusions>
</dependency>
+ <dependency>
+ <groupId>org.yaml</groupId>
+ <artifactId>snakeyaml</artifactId>
+ <version>1.26</version>
+ </dependency>
<!-- jersey -->
<!-- excluded jetty-util and added invulnerable version -->
<dependency>