Medium Severity

Security Bulletin: Vulnerability has been identified in SnakeYAML used by IBM Dependency Based Build

Share this post:

A vulnerability has been identified in SnakeYAML used by IBM Dependency Based BUild. SnakeYAML is used to load local YAML property files and is unlikely to cause a DoS incident described in the Vulnerability Details below. However, IBM recommends upgrading to version 1.1.0 or later.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Dependency Based Build (DBB) 1.0.9 and earlier

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6413413

More stories

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect TXSeries for Multiplatforms

Apr 14, 2021 9:22 am EDT | Medium Severity

TXSeries for Multiplatforms has addressed the following vulnerabilities reported by IBM® Runtime Environment Java™ ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM CICS TX on Cloud

Apr 14, 2021 9:21 am EDT | Medium Severity

IBM CICS TX on Cloud has addressed the following vulnerabilities reported by IBM® Runtime Environment Java™ ...read more


Security Bulletin: IBM InfoSphere Information Server is affected by a cross-site scripting vulnerability CVE-2020-4997

Apr 13, 2021 12:43 pm EDT | Medium Severity

A cross-site scripting vulnerability was addressed by IBM InfoSphere Information Server. ...read more