Go-Yaml 资源管理错误漏洞

Go-Yaml is a Yaml support for the Go language. It enables Go programs to easily encode and decode Yaml values. A security vulnerability exists in Go-Yaml, which stems from the fact that parsing malicious or large YAML documents may consume too much CPU or memory...

PT-2022-19325 · Go-Yaml +2 · Go-Yaml +2

Name of the Vulnerable Software and Affected Versions: Go-Yaml version v3 Description: An issue in the Unmarshal function causes the program to crash or panic when attempting to deserialize invalid input. Recommendations: For Go-Yaml version v3, consider validating input data before attempting to...