snakeyaml (SUSE:Manager Server Module 4.3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Manager Server Module 4.3 package snakeyaml, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2020-13936 — CVSS 8.8 (high): An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same…
CVE-2022-25857 — CVSS 7.5 (high): The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for…
CVE-2022-38749 — CVSS 6.5 (medium): Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user…
CVE-2022-38750 — CVSS 6.5 (medium): Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user…
CVE-2022-38751 — CVSS 6.5 (medium): Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user…
CVE-2022-38752 — CVSS 6.5 (medium): Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user…
CVE-2022-4065 — CVSS 5.5 (medium): A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the…