← voltar
CVE-2023-47163

CVE-2023-47163

EPSS 1.0%
Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack. Processing untrusted YAML files may cause a denial-of-service (DoS) condition.
Produtos afetados
Remarshal-project · Remarshal

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/remarshal-project/remarshal/commit/fd6ac799a02f533c3fc243b49cdd6d21aa7ee494https://github.com/remarshal-project/remarshal/releases/tag/v0.17.1https://jvn.jp/en/jp/JVN86156389/