Описание
Uncontrolled recursion in rust-yaml
Affected versions of this crate did not prevent deep recursion while deserializing data structures. This allows an attacker to make a YAML file with deeply nested structures that causes an abort while deserializing it. The flaw was corrected by checking the recursion depth.
Пакеты
Наименование
yaml-rust
rust
Затронутые версииВерсия исправления
< 0.4.1
0.4.1
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 6 лет назад
An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization.
CVSS3: 7.5
nvd
больше 6 лет назад
An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization.
CVSS3: 7.5
debian
больше 6 лет назад
An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. ...