Lucene search

Out-of-bounds Write

🗓️ 06 Sep 2022 00:00:00Reported by https://gitlab.com/gitlab-org/security-products/gemnasium-dbType

Using snakeYAML for untrusted YAML files may lead to Denial of Service vulnerabilitie

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 95
Veracode	Denial Of Service (DoS)	6 Sep 202207:02	–	veracode
OSV	CGA-8QV6-X47G-J5CH	19 Nov 202423:06	–	osv
OSV	CGA-PRMX-F7V5-87X2	8 Nov 202414:07	–	osv
OSV	CVE-2022-38749	5 Sep 202210:15	–	osv
OSV	snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write	6 Sep 202200:00	–	osv
OSV	CGA-PC67-QGG2-HPMQ	7 Nov 202408:07	–	osv
OSV	snakeyaml - security update	2 Oct 202200:00	–	osv
OSV	snakeyaml vulnerabilities	10 Mar 202310:18	–	osv
OSV	RHSA-2023:2097 Red Hat Security Advisory: Satellite 6.13 Release	30 Sep 202416:32	–	osv
OSV	RHSA-2023:1043 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 7	30 Sep 202416:32	–	osv

Vulners

Node

maven snakeyamlMatch1.25.1

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-38749
bitbucket	www.bitbucket.org/snakeyaml/snakeyaml/issues/525/got-stackoverflowerror-for-many-open
bugs	www.bugs.chromium.org/p/oss-fuzz/issues/detail
lists	www.lists.debian.org/debian-lts-announce/2022/10/msg00001.html
security	www.security.gentoo.org/glsa/202305-28
arxiv	www.arxiv.org/pdf/2306.05534.pdf
github	www.github.com/advisories/GHSA-c4r9-r8fh-9vj2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Sep 2022 00:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS36.5

EPSS0.00543