VYPR
Medium severity5.5NVD Advisory· Published Dec 27, 2022· Updated Jun 17, 2026

CVE-2021-4235

CVE-2021-4235

Description

Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
gopkg.in/yaml.v2Go
< 2.2.32.2.3
github.com/go-yaml/yamlGo
<= 2.1.0

Affected products

9

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.