pkg:maven/org.yaml/snakeyaml
Type: maven
Namespace: org.yaml
Name: snakeyaml
Known advisories, vulnerabilities and fixes for org.yaml/snakeyaml package.
High: 3
Moderate: 5
Type | Version | Distribution | CVEs | Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | < 1.31 | | CVE-2022-25857 | MAVEN:GHSA-3MC7-4Q67-W48M | Uncontrolled Resource Consumption in snakeyaml | high | 2022-08-31T00:00:24 (2 years ago) |
Fixed | = 1.31 | | CVE-2022-25857 | MAVEN:GHSA-3MC7-4Q67-W48M | Uncontrolled Resource Consumption in snakeyaml | high | 2022-08-31T00:00:24 (2 years ago) |
Affected | < 1.31 | | CVE-2022-38751 | MAVEN:GHSA-98WM-3W3Q-MW94 | snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write | moderate | 2022-09-06T00:00:27 (2 years ago) |
Fixed | = 1.31 | | CVE-2022-38751 | MAVEN:GHSA-98WM-3W3Q-MW94 | snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write | moderate | 2022-09-06T00:00:27 (2 years ago) |
Affected | < 1.32 | | CVE-2022-38752 | MAVEN:GHSA-9W3M-GQGF-C4P9 | snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write | moderate | 2022-09-06T00:00:27 (2 years ago) |
Fixed | = 1.32 | | CVE-2022-38752 | MAVEN:GHSA-9W3M-GQGF-C4P9 | snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write | moderate | 2022-09-06T00:00:27 (2 years ago) |
Affected | <= 1.18.2; < 1.31; = 1.25.1 | | CVE-2022-38749 | MAVEN:GHSA-C4R9-R8FH-9VJ2 | snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write | moderate | 2022-09-06T00:00:27 (2 years ago) |
Fixed | = 1.31 | | CVE-2022-38749 | MAVEN:GHSA-C4R9-R8FH-9VJ2 | snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write | moderate | 2022-09-06T00:00:27 (2 years ago) |
Affected | < 1.31 | | CVE-2022-38750 | MAVEN:GHSA-HHHW-99GJ-P3C3 | snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write | moderate | 2022-09-06T00:00:27 (2 years ago) |
Fixed | = 1.31 | | CVE-2022-38750 | MAVEN:GHSA-HHHW-99GJ-P3C3 | snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write | moderate | 2022-09-06T00:00:27 (2 years ago) |
Affected | <= 1.33 | | CVE-2022-1471 | MAVEN:GHSA-MJMJ-J48Q-9WG2 | SnakeYaml Constructor Deserialization Remote Code Execution | high | 2022-12-12T21:19:47 (21 months ago) |
Fixed | = 2.0 | | CVE-2022-1471 | MAVEN:GHSA-MJMJ-J48Q-9WG2 | SnakeYaml Constructor Deserialization Remote Code Execution | high | 2022-12-12T21:19:47 (21 months ago) |
Affected | < 1.26 | | CVE-2017-18640 | MAVEN:GHSA-RVWF-54QP-4R6V | SnakeYAML Entity Expansion during load operation | high | 2021-06-04T21:37:45 (3 years ago) |
Fixed | = 1.26 | | CVE-2017-18640 | MAVEN:GHSA-RVWF-54QP-4R6V | SnakeYAML Entity Expansion during load operation | high | 2021-06-04T21:37:45 (3 years ago) |
Affected | < 1.32 | | CVE-2022-41854 | MAVEN:GHSA-W37G-RHQ8-7M4J | Snakeyaml vulnerable to Stack overflow leading to denial of service | moderate | 2022-11-11T19:00:31 (22 months ago) |
Fixed | = 1.32 | | CVE-2022-41854 | MAVEN:GHSA-W37G-RHQ8-7M4J | Snakeyaml vulnerable to Stack overflow leading to denial of service | moderate | 2022-11-11T19:00:31 (22 months ago) |