Known Vulnerabilities for products from Snakeyaml Project
Listed below are 8 of the newest known vulnerabilities associated with the vendor "Snakeyaml Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-41854 json | Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is ru... | 6.5 - MEDIUM | 2022-11-11 | 2024-03-15 |
| CVE-2022-38752 json | Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running ... | 6.5 - MEDIUM | 2022-09-05 | 2024-03-15 |
| CVE-2022-38751 json | Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running ... | 6.5 - MEDIUM | 2022-09-05 | 2024-03-15 |
| CVE-2022-38750 json | Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running ... | 5.5 - MEDIUM | 2022-09-05 | 2024-03-15 |
| CVE-2022-38749 json | Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running ... | 6.5 - MEDIUM | 2022-09-05 | 2024-03-15 |
| CVE-2022-25857 json | The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth l... | 7.5 - HIGH | 2022-08-30 | 2024-03-15 |
| CVE-2022-1471 json | SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml... | 9.8 - CRITICAL | 2022-12-01 | 2023-11-19 |
| CVE-2017-18640 json | The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564. | 7.5 - HIGH | 2019-12-12 | 2023-11-07 |
Known software with vulnerabilities from Snakeyaml Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Snakeyaml Project | Snakeyaml | 1.10 |