Snakeyaml Security Vulnerabilities and Issues — Snakeyaml CVE List

Lucene search

Snakeyaml ProjectSnakeyaml

2 matches found

CVE•added 2022/08/30 5:15 a.m.•568 views

CVE-2022-25857

The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.

7.5CVSS8.8AI score0.00299EPSS

CVE•added 2019/12/12 3:15 a.m.•514 views

CVE-2017-18640

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

7.5CVSS7.1AI score0.02166EPSS