CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1010182

yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of service by impossible to catch abort. The component is: YamlLoader::load_from_str function. The attack vector is: Parsing of a malicious YAML document. The fixed version is: 0.4.1 and later.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 53.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

Products affected by CVE-2019-1010182

Yaml-Rust Project » Yaml-Rust » Version: N/A

cpe:2.3:a:yaml-rust_project:yaml-rust:-
Yaml-Rust Project » Yaml-Rust » Version: 0.2.0

cpe:2.3:a:yaml-rust_project:yaml-rust:0.2.0
Yaml-Rust Project » Yaml-Rust » Version: 0.2.1

cpe:2.3:a:yaml-rust_project:yaml-rust:0.2.1
Yaml-Rust Project » Yaml-Rust » Version: 0.2.2

cpe:2.3:a:yaml-rust_project:yaml-rust:0.2.2
Yaml-Rust Project » Yaml-Rust » Version: 0.3.0

cpe:2.3:a:yaml-rust_project:yaml-rust:0.3.0
Yaml-Rust Project » Yaml-Rust » Version: 0.3.1

cpe:2.3:a:yaml-rust_project:yaml-rust:0.3.1
Yaml-Rust Project » Yaml-Rust » Version: 0.3.2

cpe:2.3:a:yaml-rust_project:yaml-rust:0.3.2
Yaml-Rust Project » Yaml-Rust » Version: 0.3.3

cpe:2.3:a:yaml-rust_project:yaml-rust:0.3.3
Yaml-Rust Project » Yaml-Rust » Version: 0.3.4

cpe:2.3:a:yaml-rust_project:yaml-rust:0.3.4
Yaml-Rust Project » Yaml-Rust » Version: 0.3.5

cpe:2.3:a:yaml-rust_project:yaml-rust:0.3.5
Yaml-Rust Project » Yaml-Rust » Version: 0.3.7

cpe:2.3:a:yaml-rust_project:yaml-rust:0.3.7
Yaml-Rust Project » Yaml-Rust » Version: 0.3.9

cpe:2.3:a:yaml-rust_project:yaml-rust:0.3.9
Yaml-Rust Project » Yaml-Rust » Version: 0.4.0

cpe:2.3:a:yaml-rust_project:yaml-rust:0.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1010182

Products

Pricing

Contact Us