Critical severity9.8NVD Advisory· Published Feb 19, 2020· Updated Jun 17, 2026
CVE-2020-8441
CVE-2020-8441
Description
JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load() function. NOTE: this is a discontinued product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jyaml:jyamlMaven | <= 1.3 | — |
Affected products
3- JYaml/JYamldescription
Patches
Vulnerability mechanics
References
8- gist.github.com/j0lt-github/f5141abcacae63d434ecae211422153anvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-4qhr-q7wf-94xpghsaADVISORY
- github.com/mbechler/marshalsec/blob/master/marshalsec.pdfnvdTechnical DescriptionThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2020-8441ghsaADVISORY
- sourceforge.net/p/jyaml/bugs/nvdThird Party Advisory
- security.netapp.com/advisory/ntap-20200313-0001ghsaWEB
- sourceforge.net/p/jyaml/bugsghsaWEB
- security.netapp.com/advisory/ntap-20200313-0001/nvd
News mentions
0No linked articles in our index yet.