3 matches found
CVE-2019-1010183
serde serdeyaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of service by aborting. The component is: from functions all deserialization functions. The attack vector is: Parsing a malicious YAML file. The fixed version is: 0.8.4 and later...
CVE-2019-1010183
serde serdeyaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of service by aborting. The component is: from functions all deserialization functions. The attack vector is: Parsing a malicious YAML file. The fixed version is: 0.8.4 and later...
CVE-2019-1010183
The CVE-2019-1010183 entry concerns the Rust serde_yaml library (versions 0.6.0–0.8.3). The root cause is Uncontrolled Recursion in the from_* deserialization functions, enabling a Denial of Service when parsing a malicious YAML file. The impact is described as availability impact (Partial in CVS...