Описание
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
Ссылки
- PatchThird Party Advisory
- ExploitPatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- ExploitPatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.2.3 (исключая)
cpe:2.3:a:yaml_project:yaml:*:*:*:*:*:go:*:*
EPSS
Процентиль: 16%
0.00053
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.5
ubuntu
около 3 лет назад
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
CVSS3: 5.5
redhat
около 3 лет назад
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
CVSS3: 5.5
debian
около 3 лет назад
Due to unbounded alias chasing, a maliciously crafted YAML file can ca ...
EPSS
Процентиль: 16%
0.00053
Низкий
5.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo