We’ve got a report of CVE-2023-2251 against snake-yaml and clj-yaml. I believe this to be a false positive.
Hi @slipset, I don't see anything in clj-yaml https://github.com/clj-commons/clj-yaml/actions/workflows/nvd_scanner.yml for https://nvd.nist.gov/vuln/detail/CVE-2023-2251. Was it some other tool that raised this to you?