5
CVSSv2

CVE-2017-18640

Published: 12/12/2019 Updated: 06/02/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

Vulnerability Trend

Affected Products

Vendor Product Versions
Snakeyaml ProjectSnakeyaml1.18

Github Repositories