Product:

Yaml

(Yaml_project)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 4
Date Id Summary Products Score Patch Annotated
2022-05-19 CVE-2022-28948 An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. Astra_trident, Yaml 7.5
2022-12-27 CVE-2021-4235 Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector. Yaml 5.5
2022-12-27 CVE-2022-3064 Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. Yaml 7.5
2023-04-24 CVE-2023-2251 Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5. Yaml 7.5