CVE-2022-28948 – golang-gopkg-yaml: crash when attempting to deserialize invalid input
https://notcve.org/view.php?id=CVE-2022-28948
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input. Un problema en la función Unmarshal de Go-Yaml versión v3, causa el bloqueo del programa cuando intenta de serializar una entrada no válida A flaw was found in the Unmarshal function in Go-Yaml. This vulnerability results in program crashes when attempting to convert (or deserialize) invalid input data, potentially impacting system stability and reliability. • https://github.com/go-yaml/yaml/issues/666 https://security.netapp.com/advisory/ntap-20220923-0006 https://access.redhat.com/security/cve/CVE-2022-28948 https://bugzilla.redhat.com/show_bug.cgi?id=2088748 • CWE-502: Deserialization of Untrusted Data •