Lucene search
K

7 matches found

NVD
NVD
added 2026/06/30 5:16 p.m.8 views

CVE-2026-49451

The OpenAPI.NET SDK contains a useful object model for OpenAPI documents in .NET along with common serializers to extract raw OpenAPI JSON and YAML documents from the model. From 2.0.0-preview11 until 2.7.5 and 3.5.4, a small OpenAPI document containing a circular schema reference can cause proce...

7.5CVSS0.00695EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 4:1 p.m.176 views

CVE-2026-49451

The issue affects the OpenAPI.NET SDK used for OpenAPI document parsing in .NET. A circular schema reference in a small OpenAPI document can cause process termination via stack overflow when using public OpenAPI.NET reader APIs, applicable to both JSON and YAML paths. Affected versions range from...

7.5CVSS5.8AI score0.00695EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/06/30 3:56 p.m.13 views

Microsoft.OpenAPI: Circular schema references may terminate OpenAPI parsing

Impact A small OpenAPI document containing a circular schema reference can cause process termination through stack overflow in Microsoft.OpenApi. The issue affects OpenAPI document parsing through public OpenAPI.NET reader APIs and has been confirmed across both JSON and YAML reader paths. Affect...

7.5CVSS6.2AI score0.00695EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/24 12:6 a.m.5 views

CVE-2026-33320

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...

6.2CVSS6AI score0.00211EPSS
Exploits1
OSV
OSV
added 2026/03/19 12:50 p.m.2 views

GHSA-4FCP-JXH7-23X8 Dasel has unbounded YAML alias expansion in dasel leads to CPU/memory denial of service

Summary dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the library's own UnmarshalYAML implementation, which manually resolves alias nodes by recursively following yaml.Node.Alias pointers without any...

6.2CVSS5.9AI score0.00211EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.5 views

PT-2026-26480

Name of the Vulnerable Software and Affected Versions Dasel versions 3.0.0 through 3.3.1 Description Dasel’s YAML reader is susceptible to excessive CPU and memory consumption when processing YAML data supplied by an attacker. This occurs because the library’s UnmarshalYAML implementation...

6.2CVSS5.8AI score0.00211EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/08/25 12:0 a.m.7 views

PT-2023-19712 · Esoteric · Esoteric Yamlbeans

Name of the Vulnerable Software and Affected Versions: Esoteric YamlBeans versions through 1.15 Description: An issue was discovered in Esoteric YamlBeans where a crafted YAML document can perform an XML Entity Expansion attack against YamlBeans YamlReader. By exploiting the Anchor feature in YAM...

5.5CVSS5.2AI score0.00358EPSS
Exploits1References13
Rows per page
Query Builder