55 matches found
Denial Of Service (DoS)
snakeyaml is vulnerable to denial of service. The vulnerability exists in the Composer function of Composer.java as it does not properly restrict the nested depth limitation for collections which allows an attacker to crash the application through the stack overflow by providing malicious yaml...
Denial Of Service (DoS)
snakeyaml is vulnerable to Denial Of Service DoS. The vulnerability exists in the Composer function of Composer.java as it does not properly restrict the nested depth limitation for collections, allowing an attacker to crash the application through the stack overflow by providing malicious yaml...
Uncontrolled Resource Consumption in snakeyaml
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
GHSA-3MC7-4Q67-W48M Uncontrolled Resource Consumption in snakeyaml
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
DEBIAN-CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
Design/Logic Flaw
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
UBUNTU-CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
CVE-2022-25857 Denial of Service (DoS)
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections...
PT-2022-6923 · Unknown +8 · Org.Yaml:Snakeyaml +8
Name of the Vulnerable Software and Affected Versions: org.yaml:snakeyaml versions 0 through 1.30 Description: The issue is related to a Denial of Service DoS vulnerability due to missing nested depth limitation for collections in the SnakeYAML library, which is used for serialization and...
CVE-2022-25857 jruby/psych/snakeyaml: Denial of Service (DoS) due missing to nested depth limitation for collections
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service DoS due missing to nested depth limitation for collections. This package is bundled into Psych which is in turn bundled into jruby...