CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в snakeyaml

The Alias feature in SnakeYAML before version 1.26 allowed entity expansion during a load operation, which is a related issue to CVE-2003-1564...

7.5CVSS6.8AI score0.02766EPSS

Exploits1References2

OSV•added 2026/03/03 10:16 p.m.•1 views

CVE-2026-26266 AliasVault affected by Cross-Site Scripting (XSS) via Email HTML Rendering

AliasVault is a privacy-first password manager with built-in email aliasing. A stored cross-site scripting XSS vulnerability was identified in the email rendering feature of AliasVault Web Client versions 0.25.3 and lower. When viewing received emails on an alias, the HTML content is rendered in ...

9.3CVSS5.8AI score0.00051EPSS

Exploits0References5

Microsoft CVE•added 2025/10/02 6:10 a.m.•4 views

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

...

9.3CVSS8.8AI score0.02766EPSS

Exploits1

RedHat Linux•added 2021/08/19 7:17 a.m.•0 views

snakeyaml: Billion laughs attack via alias feature

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...

7.5CVSS7.2AI score0.02766EPSS

Exploits1References4

OSV•added 2021/06/04 9:37 p.m.•0 views

GHSA-RVWF-54QP-4R6V SnakeYAML Entity Expansion during load operation

The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564...

7.5CVSS6.8AI score0.02766EPSS

Exploits1References63

RedhatCVE•added 2020/04/08 9:2 p.m.•50 views

CVE-2017-18640

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...

9.3CVSS3AI score0.02766EPSS

Exploits1References3

CNVD•added 2019/12/27 12:0 a.m.•1 views

SnakeYAML Denial of Service Vulnerability

SnakeYAML is a Java-based YAML parser . A security vulnerability exists in the Alias feature in SnakeYAML version 1.18. An attacker can exploit this vulnerability to cause a denial of service...

7.5CVSS7.2AI score0.02766EPSS

Exploits1References1

NVD•added 2019/12/12 3:15 a.m.•21 views

CVE-2017-18640

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...

7.5CVSS7.1AI score0.02766EPSS

Exploits1References59

OSV•added 2019/12/12 3:15 a.m.•25 views

CVE-2017-18640

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...

7.5CVSS6.8AI score

Exploits0References59

UbuntuCve•added 2019/12/12 3:15 a.m.•43 views

CVE-2017-18640

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...

7.5CVSS6.8AI score0.02766EPSS

Exploits1References4

Prion•added 2019/12/12 3:15 a.m.•21 views

Design/Logic Flaw

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564...

5CVSS6.8AI score0.02766EPSS

Exploits1References59Affected Software4

CVE•added 2019/12/12 12:0 a.m.•558 views

CVE-2017-18640

CVE-2017-18640 affects SnakeYAML; the vulnerability arises from entity expansion (Billion Laughs style) during load, allowing abuse of the alias feature. Affected versions are before 1.26 (e.g., SnakeYAML 1.25.x onward) with public mentions in multiple advisories showing a fix in 1.26. Fedora/Alm...

7.5CVSS7.1AI score0.02766EPSS

Exploits1References59Affected Software1