Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:22914
HistoryApr 02, 2020 - 3:17 a.m.

Denial Of Service (DoS)

2020-04-0203:17:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
denial of service
github.com/go-yaml/yaml
vulnerable
authorized user
malicious payloads
kube-apiserver
cpu consumption

EPSS

0.001

Percentile

42.9%

github.com/go-yaml/yaml is vulnerable to denial of service. An authorized user is able to crash the application by sending malicious YAML payloads to cause kube-apiserver to consume excessive CPU cycles.