An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Yaml | Yaml_project | 3.0.0 (including) | 3.0.0 (including) |
Cryostat 2 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-operator-bundle:2.1.1-2 | * |
Cryostat 2 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-reports-rhel8:1.0.0-2 | * |
Cryostat 2 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-rhel8:2.1.1-1 | * |
Cryostat 2 on RHEL 8 | RedHat | cryostat-tech-preview/cryostat-rhel8-operator:2.1.1-1 | * |
Cryostat 2 on RHEL 8 | RedHat | cryostat-tech-preview/jfr-datasource-rhel8:2.1.0-2 | * |
Red Hat OpenShift Dev Spaces 3 Containers | RedHat | devspaces/devspaces-rhel8-operator:3.15-10 | * |
Golang-gopkg-yaml.v3 | Ubuntu | impish | * |
Golang-gopkg-yaml.v3 | Ubuntu | upstream | * |
Snapd | Ubuntu | bionic | * |
Snapd | Ubuntu | devel | * |
Snapd | Ubuntu | esm-infra/bionic | * |
Snapd | Ubuntu | esm-infra/focal | * |
Snapd | Ubuntu | focal | * |
Snapd | Ubuntu | impish | * |
Snapd | Ubuntu | jammy | * |
Snapd | Ubuntu | kinetic | * |
Snapd | Ubuntu | lunar | * |
Snapd | Ubuntu | mantic | * |
Snapd | Ubuntu | noble | * |
Snapd | Ubuntu | oracular | * |
Snapd | Ubuntu | plucky | * |
Snapd | Ubuntu | snap | * |
Snapd | Ubuntu | upstream | * |
Snapd | Ubuntu | xenial | * |