Every CVE whose affected-product data names Yaml Project Yaml, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-28948 — CVSS 7.5 (high): An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
CVE-2021-4235 — CVSS 5.5 (medium): Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing…