Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:36955
HistorySep 06, 2022 - 8:12 a.m.

Denial Of Service (DoS)

2022-09-0608:12:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
snakeyaml
vulnerability
dos attack
input validation
malicious yaml file

EPSS

0.001

Percentile

46.9%

snakeyaml is vulnerable to Denial Of Service (DoS). The vulnerability exists in the resolve.java due to a lack of input validation, allowing an attacker to crash the system via malicious yaml file.