Debian Bug report logs - #1021014
snakeyaml: CVE-2022-38752
Package: src:snakeyaml;
Maintainer for src:snakeyaml is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>;
Reported by: Moritz Mühlenhoff <jmm@inutil.org>
Date: Fri, 30 Sep 2022 14:48:03 UTC
Severity: important
Tags: security, upstream
...
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow (CVE-2022-38752) ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 7410 security update
Type/Severity
Security Advisory: Important
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 74. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scori ...
Synopsis
Important: Red Hat build of Eclipse Vertx 433 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat build of Eclipse Vertx. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives ...
Synopsis
Important: Satellite 613 Release
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat Satellite 613. The release contains a new version of Satellite and important security fixes ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 7410 on RHEL 9 security update
Type/Severity
Security Advisory: Important
Topic
A security update is now available for Red Hat JBoss Enterprise Applicatio ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 7410 on RHEL 8 security update
Type/Severity
Security Advisory: Important
Topic
A security update is now available for Red Hat JBoss Enterprise Applicatio ...
Synopsis
Important: Red Hat JBoss Enterprise Application Platform 7410 on RHEL 7 security update
Type/Severity
Security Advisory: Important
Topic
A security update is now available for Red Hat JBoss Enterprise Applicatio ...
Synopsis
Moderate: Red Hat Single Sign-On 763 for OpenShift image security update
Type/Severity
Security Advisory: Moderate
Topic
A new image is available for Red Hat Single Sign-On 763, running on Red Hat OpenShift Container Platform from the release of 311 up to the release of 4120. Red Hat Product Security has rated this update as havi ...
Synopsis
Moderate: Red Hat Single Sign-On 763 security update on RHEL 7
Type/Severity
Security Advisory: Moderate
Topic
New Red Hat Single Sign-On 763 packages are now available for Red Hat Enterprise Linux 7. Red Hat P ...
Synopsis
Important: Red Hat Integration Camel for Spring Boot 3183 Patch 2 release
Type/Severity
Security Advisory: Important
Topic
Camel for Spring Boot 3183 Patch 2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Moderate: Red Hat AMQ Streams 230 release and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat AMQ Streams 230 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, wh ...
Synopsis
Moderate: Red Hat Single Sign-On 763 security update
Type/Severity
Security Advisory: Moderate
Topic
A security update is now available for Red Hat Single Sign-On 76 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base sco ...
Synopsis
Important: Red Hat Data Grid 840 security update
Type/Severity
Security Advisory: Important
Topic
An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating ...
Description
The MITRE CVE dictionary describes this issue as:
Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow ...