Lucene search
Veracode Vulnerability DatabaseVERACODE:40279HistoryApr 25, 2023 - 9:35 a.m.
Denial Of Service (DoS)
2023-04-2509:35:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
denial of service
yaml
parsedocument
parsealldocuments
prettifyerror
application crash
EPSS
0.001
Percentile
42.9%
yaml is vulnerable to Denial of Service (DoS) attacks. According to the documentation, the parseDocument and parseAllDocuments functions should never raise an exception. However, an exception that comes from the prettifyError function is thrown when these functions are given erroneous input that contains a lot (80) of carriage return characters (\r), which allows an attacker to cause an application crash.
Related
prion
prion
Code injection
2023-04-24 15:15:00
osv
osv
Uncaught Exception in yaml
2023-04-24 15:30:34
CVE-2023-2251
2023-04-24 15:15:08
ibm
ibm
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service due to [CVE-2023-2251]
2023-05-25 12:03:00
cvelist
cvelist
CVE-2023-2251 Uncaught Exception in eemeli/yaml
2023-04-24 00:00:00
github
github
Uncaught Exception in yaml
2023-04-24 15:30:34
ubuntucve
ubuntucve
CVE-2023-2251
2023-04-24 00:00:00
alpinelinux
alpinelinux
CVE-2023-2251
2023-04-24 15:15:08
cve
cve
CVE-2023-2251
2023-04-24 15:15:08
debiancve
debiancve
CVE-2023-2251
2023-04-24 15:15:08
huntr
huntr
Uncaught exception in document parsing functions
2023-04-22 13:56:46
nvd
nvd
CVE-2023-2251
2023-04-24 15:15:08