Really enjoyed the article by @BrianVerm from @snyksec on “Preventing YAML parsing vulnerabilities with snakeyaml in Java”. I don’t think I have ever used anchors in YAML before. I published my little demo app here if you wanted to have a play - https://github.com/leeturner/snakeyaml-dos-vulnerability
Hi, I’m Lee 👋. Senior Software Engineer at WireMock, Snyk Ambassador, Hacker of code. Appsec enthusiast. Runs Brighton Kotlin & Brighton JUG