1. Home
  2. Packages
  3. maven
  4. org.yaml
  5. snakeyaml

pkg:maven/org.yaml/snakeyaml

Type maven
Namespace org.yaml
Name snakeyaml

Known advisories, vulnerabilities and fixes for org.yaml/snakeyaml package.

Repository
https://mvnrepository.com/artifact/org.yaml/snakeyaml
High 3
Moderate 5
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected < 1.31 CVE-2022-25857
maven MAVEN:GHSA-3MC7-4Q67-W48M Uncontrolled Resource Consumption in snakeyaml high 2022-08-31T00:00:24
(2 years ago)
Fixed = 1.31 CVE-2022-25857
maven MAVEN:GHSA-3MC7-4Q67-W48M Uncontrolled Resource Consumption in snakeyaml high 2022-08-31T00:00:24
(2 years ago)
Affected < 1.31 CVE-2022-38751
maven MAVEN:GHSA-98WM-3W3Q-MW94 snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write moderate 2022-09-06T00:00:27
(2 years ago)
Fixed = 1.31 CVE-2022-38751
maven MAVEN:GHSA-98WM-3W3Q-MW94 snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write moderate 2022-09-06T00:00:27
(2 years ago)
Affected < 1.32 CVE-2022-38752
maven MAVEN:GHSA-9W3M-GQGF-C4P9 snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write moderate 2022-09-06T00:00:27
(2 years ago)
Fixed = 1.32 CVE-2022-38752
maven MAVEN:GHSA-9W3M-GQGF-C4P9 snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write moderate 2022-09-06T00:00:27
(2 years ago)
Affected <= 1.18.2 < 1.31 = 1.25.1 CVE-2022-38749
maven MAVEN:GHSA-C4R9-R8FH-9VJ2 snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write moderate 2022-09-06T00:00:27
(2 years ago)
Fixed = 1.31 CVE-2022-38749
maven MAVEN:GHSA-C4R9-R8FH-9VJ2 snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write moderate 2022-09-06T00:00:27
(2 years ago)
Affected < 1.31 CVE-2022-38750
maven MAVEN:GHSA-HHHW-99GJ-P3C3 snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write moderate 2022-09-06T00:00:27
(2 years ago)
Fixed = 1.31 CVE-2022-38750
maven MAVEN:GHSA-HHHW-99GJ-P3C3 snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write moderate 2022-09-06T00:00:27
(2 years ago)
Affected <= 1.33 CVE-2022-1471
maven MAVEN:GHSA-MJMJ-J48Q-9WG2 SnakeYaml Constructor Deserialization Remote Code Execution high 2022-12-12T21:19:47
(21 months ago)
Fixed = 2.0 CVE-2022-1471
maven MAVEN:GHSA-MJMJ-J48Q-9WG2 SnakeYaml Constructor Deserialization Remote Code Execution high 2022-12-12T21:19:47
(21 months ago)
Affected < 1.26 CVE-2017-18640
maven MAVEN:GHSA-RVWF-54QP-4R6V SnakeYAML Entity Expansion during load operation high 2021-06-04T21:37:45
(3 years ago)
Fixed = 1.26 CVE-2017-18640
maven MAVEN:GHSA-RVWF-54QP-4R6V SnakeYAML Entity Expansion during load operation high 2021-06-04T21:37:45
(3 years ago)
Affected < 1.32 CVE-2022-41854
maven MAVEN:GHSA-W37G-RHQ8-7M4J Snakeyaml vulnerable to Stack overflow leading to denial of service moderate 2022-11-11T19:00:31
(22 months ago)
Fixed = 1.32 CVE-2022-41854
maven MAVEN:GHSA-W37G-RHQ8-7M4J Snakeyaml vulnerable to Stack overflow leading to denial of service moderate 2022-11-11T19:00:31
(22 months ago)