0.001 Low
EPSS
Percentile
37.9%
gopkg.in/yaml.v3 is vulnerable to denial of service. The vulnerability exists when the deserializing input data through the unmarshal function of yaml.go, allowing an attacker to crash the application by providing invalid YAML data.
unmarshal
yaml.go
github.com/advisories/GHSA-hp87-p4gw-j4gq
github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754
github.com/go-yaml/yaml/issues/666
security.netapp.com/advisory/ntap-20220923-0006/