29 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m., 5 views

MiracleLinux 8 : prometheus-jmx-exporter-0.12.0-6.el8 (AXSA:2021-1339:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1339:01 advisory. snakeyaml: Billion laughs attack via alias feature CVE-2017-18640 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

CVSS 7.5, AI score 6.9, EPSS 0.26723
Exploits: 1, References: 2

OpenVAS
added 2025/03/25 12:0 a.m., 10 views

Ubuntu: Security Advisory (USN-7368-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.5, EPSS 0.26723
Exploits: 1, References: 2

Tenable Nessus
added 2025/03/04 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2017-18640

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564. CVE-2017-18640 Note that Nessus...

CVSS 9.3, AI score 6.5, EPSS 0.26723
Exploits: 1, References: 2

CBLMariner
added 2025/01/12 9:15 a.m., 25 views

CVE-2017-18640 affecting package snakeyaml 1.25-2

CVE-2017-18640 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never applicable...

CVSS 7.5, AI score 9.6, EPSS 0.26723
Exploits: 1

Tenable Nessus
added 2023/11/07 12:0 a.m., 27 views

Rocky Linux 8 : prometheus-jmx-exporter (RLSA-2020:4807)

The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2020:4807 advisory. - The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564. CVE-2017-18640 Note that Nessus h...

CVSS 9.3, AI score 6.7, EPSS 0.26723
Exploits: 1, References: 3

Tenable Nessus
added 2023/05/21 12:0 a.m., 56 views

GLSA-202305-28 : snakeyaml: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202305-28 snakeyaml: Multiple Vulnerabilities - The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564. CVE-2017-18640 - Using snakeYAML to parse untrusted YAML...

CVSS 9.3, AI score 6.9, EPSS 0.26723
Exploits: 2, References: 8

IBM Security Bulletins
added 2022/11/21 5:48 a.m., 31 views

Security Bulletin: Vulnerabilities in SnakeYAML used by Logstash affects IBM Operations Analytics - Log Analysis (CVE-2022-25857, CVE-2017-18640)

Summary Multiple vulnerabilities in SnakeYAML affects IBM Operations Analytics - Log Analysis. It has been fixed. The vulnerabilities are in the Vulnerability Details section. Vulnerability Details CVEID:CVE-2022-25857 DESCRIPTION: Java package org.yaml:snakeyam is vulnerable to a denial of...

CVSS 7.5, AI score 7.9, EPSS 0.26723
Exploits: 3, Affected Software: 1

IBM Security Bulletins
added 2022/08/09 7:59 p.m., 31 views

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to SnakeYAML (CVE-2017-18640)

Summary MyFG 2.0 of IBM Sterling B2B Integrator uses SnakeYAML. There is a denial of service vulnerability in SnakeYAML which has been addressed. Vulnerability Details CVEID:CVE-2017-18640 DESCRIPTION: SnakeYAML is vulnerable to a denial of service, caused by an entity expansion in Alias feature...

CVSS 7.5, AI score 7.4, EPSS 0.26723
Exploits: 1, Affected Software: 1

Tenable Nessus
added 2022/02/09 12:0 a.m., 68 views

AlmaLinux 8 : prometheus-jmx-exporter (ALSA-2020:4807)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:4807 advisory. - The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564. CVE-2017-18640 Note that Nessus has not...

CVSS 9.3, AI score 6.7, EPSS 0.26723
Exploits: 1, References: 2

Tenable Nessus
added 2021/07/16 12:0 a.m., 40 views

openSUSE 15 Security Update : snakeyaml (openSUSE-SU-2021:1876-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1876-1 advisory. - The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564. CVE-2017-18640 Note that...

CVSS 9.3, AI score 6.7, EPSS 0.26723
Exploits: 1, References: 5

OpenVAS
added 2021/07/13 12:0 a.m., 33 views

openSUSE: Security Advisory for snakeyaml (openSUSE-SU-2021:1876-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5, AI score 7.7, EPSS 0.26723
Exploits: 1, References: 2

OSV
added 2021/07/11 8:53 a.m., 8 views

OPENSUSE-SU-2021:1876-1 Security update for snakeyaml

This update for snakeyaml fixes the following issues: - Upgrade to 1.28 - CVE-2017-18640: The Alias feature allows entity expansion during a load operation bsc1159488, bsc1186088...

CVSS 7.5, AI score 7.4, EPSS 0.26723
Exploits: 1, References: 4

OSV
added 2021/06/15 11:6 a.m., 6 views

SUSE-SU-2021:1978-1 Security update for snakeyaml

This update for snakeyaml fixes the following issues: - Upgrade to 1.28 - CVE-2017-18640: The Alias feature allows entity expansion during a load operation bsc1159488, bsc1186088...

CVSS 7.5, AI score 7.5, EPSS 0.26723
Exploits: 1, References: 4

Tenable Nessus
added 2021/06/10 12:0 a.m., 34 views

openSUSE Security Update : snakeyaml (openSUSE-2021-855)

This update for snakeyaml fixes the following issues : - Upgrade to 1.28 - CVE-2017-18640: The Alias feature allows entity expansion during a load operation bsc1159488, bsc1186088 This update was imported from the SUSE:SLE-15-SP2:Update update project. %NASLMINLEVEL 70300 C Tenable Network...

CVSS 7.5, AI score 6.7, EPSS 0.26723
Exploits: 1, References: 3

OpenVAS
added 2021/06/09 12:0 a.m., 28 views

SUSE: Security Advisory (SUSE-SU-2021:1876-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.7, EPSS 0.26723
Exploits: 1, References: 2

OpenVAS
added 2021/06/09 12:0 a.m., 30 views

openSUSE: Security Advisory for snakeyaml (openSUSE-SU-2021:0855-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5, AI score 7.7, EPSS 0.26723
Exploits: 1, References: 2

OSV
added 2021/06/08 5:3 a.m., 10 views

OPENSUSE-SU-2021:0855-1 Security update for snakeyaml

This update for snakeyaml fixes the following issues: - Upgrade to 1.28 - CVE-2017-18640: The Alias feature allows entity expansion during a load operation bsc1159488, bsc1186088 This update was imported from the SUSE:SLE-15-SP2:Update update project...

CVSS 7.5, AI score 7.4, EPSS 0.26723
Exploits: 1, References: 4

Tenable Nessus
added 2021/02/01 12:0 a.m., 102 views

CentOS 8 : prometheus-jmx-exporter (CESA-2020:4807)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:4807 advisory. - snakeyaml: Billion laughs attack via alias feature CVE-2017-18640 Note that Nessus has not tested for this issue but has instead relied only on the...

CVSS 7.5, AI score 6.8, EPSS 0.26723
Exploits: 1, References: 2

Oracle linux
added 2020/11/10 12:0 a.m., 68 views

prometheus-jmx-exporter security update

0.12.0-6 - Fix CVE-2017-18640 by using updated snakeyaml...

CVSS 7.5, AI score 1.7, EPSS 0.26723
Exploits: 1

RedHat Linux
added 2020/11/04 1:56 a.m., 38 views

Moderate: Red Hat Security Advisory: prometheus-jmx-exporter security update

An update for prometheus-jmx-exporter is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 7.5, AI score 6.7, EPSS 0.26723
Exploits: 1, References: 3