SnakeYAML features: * a complete YAML 1.1 parser. In particular, SnakeYAML can parse all examples from the specification. * Unicode support including UTF-8/UTF-16 input/output. * high-level API for serializing and deserializing native Java objects. * support for all types from the YAML types repository. * relatively sensible error messages.

OSVersionArchitecturePackageVersionFilename
Fedora37anysnakeyaml< 1.32UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	37	any	snakeyaml	< 1.32	UNKNOWN

openvas 7

fedora 2

redhat 44

oraclelinux 1

ibm 50

veracode 2

nvd 2

cve 2

redos 1

github 2

redhatcve 2

rocky 2

ubuntucve 2

nessus 41

cbl_mariner 2

debiancve 2

osv 8

prion 2

cvelist 2

almalinux 1

amazon 1

rubygems 1

debian 1

ubuntu 1

suse 1

freebsd 1

oracle 3

openvas

Fedora: Security Advisory for snakeyaml (FEDORA-2022-c01dd659fa)

2022-12-21 00:00:00

Fedora: Security Advisory for snakeyaml (FEDORA-2022-8a4e8aa190)

2022-12-21 00:00:00

Fedora: Security Advisory for picocli (FEDORA-2023-27ec59a486)

2023-07-08 00:00:00

fedora

[SECURITY] Fedora 36 Update: snakeyaml-1.32-1.fc36

2022-12-21 01:18:24

[SECURITY] Fedora 38 Update: picocli-4.7.4-1.fc38

2023-07-06 02:19:58

redhat

(RHSA-2022:6941) Important: Red Hat build of Quarkus Platform 2.7.6.SP1 and security update

2022-10-13 11:12:49

(RHSA-2022:6820) Moderate: prometheus-jmx-exporter security update

2022-10-06 07:13:19

(RHSA-2023:0577) Moderate: Red Hat build of Eclipse Vert.x 4.3.7 security update

2023-02-16 12:55:24

oraclelinux

prometheus-jmx-exporter security update

2022-10-06 00:00:00

ibm

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that process yaml files may be vulnerable to denial of service due to CVE-2022-25857

2022-11-04 16:41:10

Security Bulletin: There is a security vulnerability in snakeYAML used by IBM Maximo Data Loader (CVE-2022-41854)

2023-03-28 13:29:35

Security Bulletin: IBM MQ Blockchain bridge is vulnerable to an issue identified in snakeyaml (CVE-2022-25857)

2023-02-03 19:33:13

veracode

Denial Of Service (DoS)

2022-08-31 02:31:21

Denial Of Service (DoS)

2022-11-17 12:37:25

nvd

CVE-2022-25857

2022-08-30 05:15:07

CVE-2022-41854

2022-11-11 13:15:11

cve

CVE-2022-41854

2022-11-11 13:15:11

CVE-2022-25857

2022-08-30 05:15:07

redos

ROS-20240514-05

2024-05-14 00:00:00

github

Snakeyaml vulnerable to Stack overflow leading to denial of service

2022-11-11 19:00:31

Uncontrolled Resource Consumption in snakeyaml

2022-08-31 00:00:24

redhatcve

CVE-2022-41854

2022-12-09 13:34:48

CVE-2022-25857

2022-09-14 12:44:14

rocky

prometheus-jmx-exporter security update

2022-10-06 07:13:19

Satellite 6.13 Release

2023-05-05 15:39:58

ubuntucve

CVE-2022-41854

2022-11-11 00:00:00

CVE-2022-25857

2022-08-30 00:00:00

nessus

Fedora 36 : snakeyaml (2022-8a4e8aa190)

2022-12-23 00:00:00

Fedora 38 : picocli (2023-27ec59a486)

2023-07-06 00:00:00

RHEL 7 : dev-java_snakeyaml (Unpatched Vulnerability)

2024-05-11 00:00:00

cbl_mariner

CVE-2022-41854 affecting package snakeyaml 1.25-2

2024-09-28 21:12:13

CVE-2022-25857 affecting package snakeyaml 1.25-2

2024-09-28 21:12:13

debiancve

CVE-2022-41854

2022-11-11 13:15:11

CVE-2022-25857

2022-08-30 05:15:07

osv

Snakeyaml vulnerable to Stack overflow leading to denial of service

2022-11-11 19:00:31

CVE-2022-41854

2022-11-11 13:15:11

CVE-2022-25857

2022-08-30 05:15:07

prion

Stack overflow

2022-11-11 13:15:00

Design/Logic Flaw

2022-08-30 05:15:00

cvelist

CVE-2022-41854 Stack Overflow in Snakeyaml

2022-11-11 13:10:10

CVE-2022-25857 Denial of Service (DoS)

2022-08-30 05:05:11

almalinux

Moderate: prometheus-jmx-exporter security update

2022-10-06 00:00:00

amazon

Important: snakeyaml

2023-03-02 22:35:00

rubygems

CVE-2022-25857 jruby/psych/snakeyaml: Denial of Service (DoS) due missing to nested depth limitation for collections

2022-02-23 21:00:00

debian

[SECURITY] [DLA 3132-1] snakeyaml security update

2022-10-02 22:06:40

ubuntu

SnakeYAML vulnerabilities

2023-03-10 00:00:00

suse

Security update for snakeyaml (important)

2022-09-26 00:00:00

freebsd

cassandra3 -- multiple vulnerabilities

2023-01-11 00:00:00

oracle

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.006

Percentile

78.8%

JSON

Related for FEDORA:4D64030B6E58