Yaml Project: Security Vulnerabilities
Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-04-24
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
CVSS Score
7.5
EPSS Score
0.019
Published
2022-12-27
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-12-27
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
CVSS Score
7.5
EPSS Score
0.009
Published
2022-05-19