11 matches found
go-yaml: Denial of Service in go-yaml
A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
Denial Of Service (DoS)
github.com/go-yaml/yaml is vulnerable to denial of service.The vulnerability exists in multiple functions of decode.go due to unbounded alias chasing which allows an attacker to cause an application crash via malicious input...
GHSA-R88R-GMRH-7J83 YAML Go package vulnerable to denial of service
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
AZL-43918 CVE-2021-4235 affecting package buildah 1.18.0-29
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
AZL-43447 CVE-2021-4235 affecting package delve 1.5.0-20
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
CVE-2021-4235
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
AZL-45237 CVE-2021-4235 affecting package podman for versions less than 5.6.1-2
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
CVE-2021-4235 Denial of service in gopkg.in/yaml.v2
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
CVE-2021-4235 Denial of service in gopkg.in/yaml.v2
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
GO-2021-0061 Denial of service in gopkg.in/yaml.v2
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
PT-2021-23588 · Linux Mint +1 · Linuxmint +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to unbounded alias chasing in YAML files. A maliciously crafted YAML file can cause the system to consume significant system...