Vulnerability Report: GO-2022-0603
- CVE-2022-28948, GHSA-hp87-p4gw-j4gq
- Affects: gopkg.in/yaml.v3
- Published: Aug 22, 2022
- Modified: May 20, 2024
An issue in the Unmarshal function can cause a program to panic when attempting to deserialize invalid input.
Affected Packages
-
PathGo VersionsSymbols
-
before v3.0.0-20220521103104-8f96da9f5d5e
Aliases
References
- https://github.com/go-yaml/yaml/commit/8f96da9f5d5eff988554c1aae1784627c4bf6754
- https://github.com/go-yaml/yaml/issues/666
- https://vuln.go.dev/ID/GO-2022-0603.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.