Filtered by vendor Yaml Project Subscriptions
Filtered by product Yaml Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-4235 2 Redhat, Yaml Project 3 Openshift, Openshift Data Foundation, Yaml 2024-08-03 5.5 Medium
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
CVE-2022-28948 3 Netapp, Redhat, Yaml Project 4 Astra Trident, Cryostat, Openshift Devspaces and 1 more 2024-08-03 7.5 High
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
CVE-2022-3064 2 Redhat, Yaml Project 7 Enterprise Linux, Openshift, Openshift Devspaces and 4 more 2024-08-03 7.5 High
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
CVE-2023-2251 1 Yaml Project 1 Yaml 2024-08-02 7.5 High
Uncaught Exception in GitHub repository eemeli/yaml prior to 2.0.0-5.