Deserialization of Untrusted Data
JYaml allows remote code execution during deserialization of a malicious payload through the load() function.
Advisories for Maven/Org.jyaml/Jyaml package
2020
JYaml allows remote code execution during deserialization of a malicious payload through the load() function.