serde serde_yaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion. The impact is: Denial of service by aborting. The component is: from_* functions (all deserialization functions). The attack vector is: Parsing a malicious YAML file. The fixed version is: 0.8.4 and later.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/dtolnay/serde-yaml/pull/105 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: dwf
Published: 2019-07-25T12:50:56
Updated: 2024-08-05T03:07:18.455Z
Reserved: 2019-03-20T00:00:00
Link: CVE-2019-1010183
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-07-25T13:15:11.593
Modified: 2024-11-21T04:18:02.057
Link: CVE-2019-1010183
Redhat
No data.