ROS-20240514-03
Scores
EPSS
0.000None
0.0%0%20%40%60%80%100%
Percentile: 0.0%
CVSS
0.0None
3.x0246810
CVSS Score: 0.0/10
All CVSS Scores
CVSS 3.x
0.0Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
AC:L
c
H
C:H
i
H
I:H
a
H
A:H
Description
Уязвимость библиотеки для сериализации и десериализации YAML-документов SnakeYAML связана с
восстановлением в памяти недостоверной структуры данных. Эксплуатация уязвимости может позволить
нарушителю, действующему удаленно, вы-полнить произвольный код
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
redos
Related Vulnerabilities
Vulnerable Software (1)
Type: Configuration
Product: snakeyaml
Operating System: redos 7.3
Trait:
{
"version_end_excluding": "0:2.2-1"
}Source: redos