7.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.8%
An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed.
contrastsecurity.com
github.com/Contrast-Security-OSS/yamlbeans/blob/main/SECURITY.md
github.com/EsotericSoftware