Exclude (unused) snakeyaml dependency (#120553)

* Exclude (unused) snakeyaml dependency

* Explanatory comment and CVE link

Author: prdoyle

x-pack/snapshot-tool/build.gradle

@@ -70,6 +70,10 @@ dependencies {
   api 'javax.xml.bind:jaxb-api:2.2.2'
 }
 
+configurations.configureEach {
+  exclude group: 'org.yaml', module: 'snakeyaml' // Avoid CVE: https://nvd.nist.gov/vuln/detail/cve-2022-1471
+}
+
 tasks.named("dependencyLicenses").configure {
   mapping from: /aws-java-sdk-.*/, to: 'aws-java-sdk'
   mapping from: /jmespath-java.*/, to: 'aws-java-sdk'