Vulnerability Report: GO-2020-0036
- CVE-2019-11254, GHSA-wxc4-f4m6-wwqv
- Affects: gopkg.in/yaml.v2, github.com/go-yaml/yaml
- Published: Apr 14, 2021
- Modified: Jun 12, 2023
Due to unbounded aliasing, a crafted YAML file can cause consumption of significant system resources. If parsing user supplied input, this may be used as a denial of service vector.
all versions, no known fixed
See anything missing or incorrect? Suggest an edit to this report.