Merge pull request #1715 from matthewdunsdon/CVE-2017-18640

fix(#1658): CVE-2017-18640 - High Severity Vulnerability
finos · Jan 5, 2021 · bf492a5 · bf492a5
2 parents 735bb0b + dbba209
commit bf492a5
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/core/build.gradle b/core/build.gradle
@@ -21,6 +21,11 @@ dependencies {
     compile "dk.brics.automaton:automaton:${AUTOMATON_VERSION}"
     compile "org.apache.commons:commons-csv:${COMMONS_CSV_VERSION}"
     implementation "com.github.javafaker:javafaker:${FAKER_VERSION}"
+    implementation ('org.yaml:snakeyaml') {
+        version {
+            require '1.26'
+        }
+    }
 
     testCompile project(":common").sourceSets.test.output
     testCompile "org.junit.jupiter:junit-jupiter-api:${JUNIT_JUPITER_VERSION}"

diff --git a/profile/build.gradle b/profile/build.gradle
@@ -31,6 +31,11 @@ dependencies {
     compile "com.fasterxml.jackson.core:jackson-annotations:${JACKSON_VERSION}"
     compile "com.fasterxml.jackson.core:jackson-databind:${JACKSON_VERSION}"
     implementation "com.github.javafaker:javafaker:${FAKER_VERSION}"
+    implementation ('org.yaml:snakeyaml') {
+        version {
+            require '1.26'
+        }
+    }
 
     testCompile project(":common").sourceSets.test.output
     testCompile "org.junit.jupiter:junit-jupiter-api:${JUNIT_JUPITER_VERSION}"