CVE-2022-28948

Опубликовано: 19 мая 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.

Ссылки

https://github.com/go-yaml/yaml/issues/666
Exploit
Issue Tracking
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220923-0006/
Third Party Advisory
https://github.com/go-yaml/yaml/issues/666
Exploit
Issue Tracking
Patch
Third Party Advisory
https://security.netapp.com/advisory/ntap-20220923-0006/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:yaml_project:yaml:3.0.0:*:*:*:*:go:*:*

Конфигурация 2

cpe:2.3:a:netapp:astra_trident:-:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01524

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-502

Связанные уязвимости

CVE-2022-28948

CVSS3: 7.5

ubuntu

больше 3 лет назад

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.

CVE-2022-28948

CVSS3: 7.5

redhat

больше 3 лет назад

An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.

CVE-2022-28948

CVSS3: 7.5

msrc

около 2 лет назад

Описание отсутствует

CVE-2022-28948

CVSS3: 7.5

debian

больше 3 лет назад

An issue in the Unmarshal function in Go-Yaml v3 causes the program to ...

SUSE-SU-2025:03001-1

suse-cvrf

5 месяцев назад

Security update for ignition

EPSS

Процентиль: 81%

0.01524

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-502