Vulnerabilities (CVE)

Filtered by vendor Yaml Project Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-2251 1 Yaml Project 1 Yaml 2024-11-21 N/A 7.5 HIGH
Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5.
CVE-2022-3064 1 Yaml Project 1 Yaml 2024-11-21 N/A 7.5 HIGH
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
CVE-2022-28948 1 Yaml Project 1 Yaml 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
CVE-2021-4235 1 Yaml Project 1 Yaml 2024-11-21 N/A 5.5 MEDIUM
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.