Lucene search

K
osvGoogleOSV:GHSA-RVWF-54QP-4R6V
HistoryJun 04, 2021 - 9:37 p.m.

SnakeYAML Entity Expansion during load operation

2021-06-0421:37:45
Google
osv.dev
48

EPSS

0.019

Percentile

88.5%

The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

References