Lucene search
K

4 matches found

OSV
OSV
added 2025/04/28 12:7 p.m.4 views

USN-7465-1 mistral, python-mistral-lib vulnerabilities

It was discovered that Mistral incorrectly handled nested anchors in YAML files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-16848 Pierre Gaxatte discovered that Mistral incorrectly handled erroneous SSH private key...

7.5CVSS6.3AI score0.0152EPSS
Exploits0References4
OSV
OSV
added 2023/08/25 9:30 p.m.3 views

GHSA-VJ49-J7RC-H54F Esoteric YamlBeans XML Entity Expansion vulnerability

An issue was discovered in Esoteric YamlBeans through 1.15. A crafted YAML document is able perform am XML Entity Expansion attack against YamlBeans YamlReader. By exploiting the Anchor feature in YAML, it is possible to generate a small YAML document that, when read, is expanded to a large size,...

5.5CVSS5.9AI score0.00358EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/08/25 12:0 a.m.3 views

YamlBeans 代码问题漏洞

YamlBeans is an open source library from Esoteric Software. Can be easily Java object graph with YAML. A security vulnerability exists in Esoteric Software YamlBeans 1.15 and earlier versions, which stems from the ability of a carefully crafted YAML document to perform an XML entity expansion...

5.5CVSS5.6AI score0.00358EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/03/20 12:0 a.m.4 views

PT-2023-21575 · Kaml · Kaml

Name of the Vulnerable Software and Affected Versions: kaml versions prior to 0.53.0 Description: The issue affects applications that use kaml to parse untrusted input containing anchors and aliases, potentially leading to excessive memory consumption and crashes. This is related to a class of...

7.5CVSS7.3AI score0.00974EPSS
Exploits0References8
Rows per page
Query Builder