High severityNVD Advisory· Published Aug 26, 2019· Updated Aug 5, 2024
CVE-2018-20993
CVE-2018-20993
Description
An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
yaml-rustcrates.io | < 0.4.1 | 0.4.1 |
Affected products
2- Rust/yaml-rust cratedescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-hv87-47h9-jcvqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-20993ghsaADVISORY
- github.com/chyh1990/yaml-rust/commit/d61b49cb90391fc4f7f72a1abe597476c8651a07ghsaWEB
- github.com/chyh1990/yaml-rust/pull/109ghsaWEB
- rustsec.org/advisories/RUSTSEC-2018-0006.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.