[jira] [Created] (CASSANDRA-17907) Remediate CVE-2022-25857 - org.yaml_snakeyaml version 1.26 has vulnerabilities

deepagkanaka (Jira) Mon, 19 Sep 2022 23:49:36 -0700

deepagkanaka created CASSANDRA-17907:
----------------------------------------


             Summary: Remediate CVE-2022-25857 - org.yaml_snakeyaml version 
1.26 has vulnerabilities
                 Key: CASSANDRA-17907
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17907
             Project: Cassandra
          Issue Type: Bug
            Reporter: deepagkanaka


|org.yaml_snakeyaml|[CVE-2022-25857|https://nvd.nist.gov/vuln/detail/CVE-2022-25857]|Fixed
 in: 1.31
21 days ago| |6|Impacted versions: <1.31
Discovered: a day ago
Published: 21 days ago
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial 
of Service (DoS) due missing to nested depth limitation for collections.|



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (CASSANDRA-17907) Remediate CVE-2022-25857 - org.yaml_snakeyaml version 1.26 has vulnerabilities

Reply via email to