Vulmon
yaml project yaml vulnerabilities and exploits
VMScore: 384
CVE-2018-20573
The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote malicious users to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
Yaml-cpp Project Yaml-cpp 0.6.2
VMScore: 383
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote malicious users to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
Yaml-cpp Project Yaml-cpp 0.5.3
VMScore: 385
CVE-2019-6292
An issue exists in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Re...
Yaml-cpp Project Yaml-cpp 0.6.2
VMScore: 446
CVE-2022-28948
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
Yaml Project Yaml 3.0.0
Netapp Astra Trident -
2 Github repositories
VMScore: 409
CVE-2019-3575
Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load.
Sqla Yaml Fixtures Project Sqla Yaml Fixtures 0.9.1
VMScore: 668
CVE-2017-16615
An exploitable vulnerability exists in the YAML parsing functionality in the parse_yaml_query method in parser.py in MLAlchemy prior to 0.2.2. When processing YAML-Based queries for data, a YAML parser can execute arbitrary Python commands resulting in command execution because l...
Mlalchemy Project Mlalchemy 0.1.1
Mlalchemy Project Mlalchemy 0.1.2
Mlalchemy Project Mlalchemy 0.1.3
Mlalchemy Project Mlalchemy 0.2.0
Mlalchemy Project Mlalchemy 0.2.1
VMScore: 668
CVE-2017-16618
An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMixin prior to 2.0.0a12. A "Load YAML" string or file (aka load_yaml or load_yamlf) can execute arbitrary Python commands resulting in command execution because load is used where saf...
Owlmixin Project Owlmixin
Owlmixin Project Owlmixin 2.0.0
VMScore: 668
CVE-2017-16616
An exploitable vulnerability exists in the YAML parsing functionality in the YAMLParser method in Interfaces.py in PyAnyAPI prior to 0.6.1. A YAML parser can execute arbitrary Python commands resulting in command execution because load is used where safe_load should have been use...
Pyanyapi Project Pyanyapi
VMScore: 668
CVE-2017-16763
An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being loaded from "~/.confire.yaml" using the yaml.load function, a YAML parser can execute arbitrary Python commands resulting in...
Confire Project Confire 0.2.0
VMScore: NA
CVE-2023-47163
Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack. Processing untrusted YAML files may cause a denial-of-service (DoS) condition.
Remarshal Project Remarshal