Information on source package snakeyaml

Available versions

ReleaseVersion
buster1.23-1
buster (security)1.23-1+deb10u1
bullseye1.28-1
bookworm1.33-2
sid1.33-2

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2022-38751fixedvulnerable (no DSA)fixedfixedUsing snakeYAML to parse untrusted YAML files may be vulnerable to Den ...
CVE-2022-38750fixedvulnerable (no DSA)fixedfixedUsing snakeYAML to parse untrusted YAML files may be vulnerable to Den ...
CVE-2022-38749fixedvulnerable (no DSA)fixedfixedUsing snakeYAML to parse untrusted YAML files may be vulnerable to Den ...
CVE-2022-25857fixedvulnerable (no DSA)fixedfixedThe package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable t ...
CVE-2017-18640vulnerable (no DSA)fixedfixedfixedThe Alias feature in SnakeYAML before 1.26 allows entity expansion dur ...

Open unimportant issues

BugbusterbullseyebookwormsidDescription
CVE-2022-41854fixedvulnerablefixedfixedThose using Snakeyaml to parse untrusted YAML files may be vulnerable ...
CVE-2022-38752vulnerablevulnerablefixedfixedUsing snakeYAML to parse untrusted YAML files may be vulnerable to Den ...
CVE-2022-1471vulnerablevulnerablevulnerablevulnerableSnakeYaml's Constructor() class does not restrict types which can be i ...

Security announcements

DSA / DLADescription
DLA-3132-1snakeyaml - security update
Search for package or bug name: Reporting problems