Vulnerability Report: GO-2022-0956
- CVE-2022-3064, GHSA-6q6q-88xp-6f2r
- Affects: gopkg.in/yaml.v2
- Published: Aug 29, 2022
- Modified: May 20, 2024
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.
Affected Packages
-
PathGo VersionsSymbols
-
before v2.2.4
Aliases
References
- https://github.com/go-yaml/yaml/commit/f221b8435cfb71e54062f6c6e99e9ade30b124d5
- https://github.com/go-yaml/yaml/releases/tag/v2.2.4
- https://vuln.go.dev/ID/GO-2022-0956.json
Feedback
See anything missing or incorrect?
Suggest an edit to this report.