CVE-2022-38752 – DoS in SnakeYAML
https://notcve.org/view.php?id=CVE-2022-38752
Applications that use SnakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow.
A flaw was found in the snakeyaml package due to a stack overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could cause the application to crash.
• https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081
• https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081
• https://security.gentoo.org/glsa/202305-28
• https://security.netapp.com/advisory/ntap-20240315-0009
• https://access.redhat.com/security/cve/CVE-2022-38752
• https://bugzilla.redhat.com/show_bug.cgi?id=2129710
• CWE-121: Stack-based Buffer Overflow
• CWE-787: Out-of-bounds Write
CVE-2022-25857 – Denial of Service (DoS)
https://notcve.org/view.php?id=CVE-2022-25857
The package org.yaml:snakeyaml from 0 and before 1.31 is vulnerable to Denial of Service (DoS) due to a missing nested depth limitation for collections.
A flaw was found in the org.yaml.snakeyaml package. This flaw allows an attacker to cause a denial of service (DoS) due to a missing nested depth limitation for collections.
• https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
• https://bitbucket.org/snakeyaml/snakeyaml/issues/525
• https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
• https://lists.debian.org/debian-lts-announce/2022/10/msg00001.html
• https://security.netapp.com/advisory/ntap-20240315-0010
• https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
• https://access.redhat.com/security/cve/CVE-2022-25857
• https://bugzilla.redhat.com/show_bug.cgi?id=2126789
• CWE-400: Uncontrolled Resource Consumption
• CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CVE-2017-18640 – snakeyaml: Billion laughs attack via alias feature
https://notcve.org/view.php?id=CVE-2017-18640
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
• https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
• https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack
• https://bitbucket.org/snakeyaml/snakeyaml/issues/377
• https://bitbucket.org/snakeyaml/snakeyaml/wiki/Changes
• https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457%40%3Ccommits.atlas.apache.org%3E
• https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1%40%3Ccommon-issues.hadoop.apache.org%3E
• https://lists.apach
• CWE-122: Heap-based Buffer Overflow
• CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')