Yaml-rust Project Yaml-rust — known CVE vulnerabilities
Every CVE whose affected-product data names Yaml-rust Project Yaml-rust, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-20993 — CVSS 7.5 (high): An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization.
CVE-2019-1010182 — CVSS 6.5 (medium): yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. The impact is: Denial of service by impossible to catch abort. The…