6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.0%
Due to unbounded aliasing, a crafted YAML file can cause consumption of significant system resources. If parsing user supplied input, this may be used as a denial of service vector.
bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496
github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48
github.com/go-yaml/yaml/pull/555