VYPR

Gopkg.in/yaml.v2

by Gopkg.in/yaml.v2

Source repositories

CVEs (2)

  • CVE-2022-3064HigDec 27, 2022
    risk 0.42cvss 7.5epss 0.02

    Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.

  • CVE-2021-4235MedDec 27, 2022
    risk 0.29cvss 5.5epss 0.00

    Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.