CVE-2021-4235

Published December 27th, 2022

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.

go-yaml/yaml

YAML support for the Go language.

GitHub

7.02K