Yar
by Spumko
Source repositories
CVEs (1)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-4179 | hig | 0.45 | — | — | Sep 1, 2020 | Versions of `yar` prior to 2.2.0 are affected by a denial of service vulnerability related to an invalid encrypted session cookie value. When an invalid encryped session cookie value is provided, the process will crash. ## Recommendation Update to version 2.2.0 or later. |
- risk 0.45cvss —epss —
Versions of `yar` prior to 2.2.0 are affected by a denial of service vulnerability related to an invalid encrypted session cookie value. When an invalid encryped session cookie value is provided, the process will crash. ## Recommendation Update to version 2.2.0 or later.