Lucene search
+L

5 matches found

RedHat Linux
RedHat Linux
added 2025/05/05 12:13 a.m.9 views

snakeyaml: Denial of Service due to missing nested depth limitation for collections

A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service DoS due to missing nested depth limitation for collections...

7.5CVSS6.8AI score0.02191EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2023/12/07 1:41 p.m.9 views

snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service...

6.5CVSS6.8AI score0.01642EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/03/01 9:58 p.m.6 views

snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash, resulting in a denial of service...

6.5CVSS6.8AI score0.01642EPSS
Exploits0References4
CNVD
CNVD
added 2023/02/21 12:0 a.m.60 views

IBM Aspera Faspex Deserialization Vulnerability

IBM Aspera is an IBM FASP protocol-based fast file transfer and streaming solution from International Business Machines IBM. IBM Aspera Faspex version 4.4.2 Patch Level 1 and prior versions contain a deserialization vulnerability that stems from a YAML deserialization flaw. An attacker could use...

9.8CVSS6.3AI score0.99968EPSS
Exploits5References1
RedHat Linux
RedHat Linux
added 2023/01/17 7:29 p.m.6 views

go-yaml: Denial of Service in go-yaml

A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...

5.5CVSS7.2AI score0.00415EPSS
Exploits1References7
Rows per page
Query Builder