Yamlproject Yaml
By the Year
In 2024 there have been 0 vulnerabilities in Yamlproject Yaml . Last year Yaml had 1 security vulnerability published. Right now, Yaml is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.50 |
| 2022 | 3 | 6.83 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Yaml vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Yamlproject Yaml Security Vulnerabilities
Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5.
CVE-2023-2251
7.5 - High
- April 24, 2023
Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5.
Uncaught Exception
Parsing malicious or large YAML documents
CVE-2022-3064
7.5 - High
- December 27, 2022
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
Resource Exhaustion
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources
CVE-2021-4235
5.5 - Medium
- December 27, 2022
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
CVE-2022-28948
7.5 - High
- May 19, 2022
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
Marshaling, Unmarshaling
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for NetApp Astra Trident or by Yamlproject? Click the Watch button to subscribe.
