CVE-2021-41110
CVE-2021-41110 affects cwlviewer prior to version 1.3.1, where a Deserialization of Untrusted Data vulnerability exists due to SnakeYaml constructors that allow parsing of arbitrary data. A patch was committed (f6066f09edb70033a2ce80200e9fa9e70a5c29de, 2021-09-30) and is the recommended fix. Ther...