Release | Version |
---|---|
bullseye | 1.28-1+deb11u2 |
bookworm | 1.33-2 |
trixie | 1.33-2 |
sid | 1.33-2 |
Bug | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|
CVE-2022-41854 | vulnerable | fixed | fixed | fixed | Those using Snakeyaml to parse untrusted YAML files may be vulnerable ... |
CVE-2022-38752 | vulnerable | fixed | fixed | fixed | Using snakeYAML to parse untrusted YAML files may be vulnerable to Den ... |
CVE-2022-1471 | vulnerable | vulnerable | vulnerable | vulnerable | SnakeYaml's Constructor() class does not restrict types which can be i ... |
Bug | Description |
---|---|
CVE-2022-38751 | Using snakeYAML to parse untrusted YAML files may be vulnerable to Den ... |
CVE-2022-38750 | Using snakeYAML to parse untrusted YAML files may be vulnerable to Den ... |
CVE-2022-38749 | Using snakeYAML to parse untrusted YAML files may be vulnerable to Den ... |
CVE-2022-25857 | The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable t ... |
CVE-2017-18640 | The Alias feature in SnakeYAML before 1.26 allows entity expansion dur ... |
DSA / DLA | Description |
---|---|
DLA-3132-1 | snakeyaml - security update |