2 matches found
PT-2024-14104 · Snakeyaml +1 · Snakeyaml +1
Name of the Vulnerable Software and Affected Versions: Hertzbeat versions prior to 1.4.1 Description: Hertzbeat is a real-time monitoring system. At the interface of "/define/yml", SnakeYAML is used as a parser to parse yml content, but no security configuration is used, resulting in a YAML...
PT-2022-23200 · Immudb · Immudb
Name of the Vulnerable Software and Affected Versions: immudb versions prior to 1.4.1 Description: immudb is a database with built-in cryptographic proof and verification. A malicious immudb server can provide a falsified proof that will be accepted by the client SDK, signing a falsified...