Homepage

eap7-snakeyaml vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the eap7-snakeyaml package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • C
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Deserialization of Untrusted Data

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Improper Input Validation

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Out-of-bounds Write

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Deserialization of Untrusted Data

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Arbitrary Code Injection

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Deserialization of Untrusted Data

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Deserialization of Untrusted Data

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Improper Input Validation

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Improper Input Validation

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Files or Directories Accessible to External Parties

<0:1.33.0-1.SP1_redhat_00001.1.ep7.el7
  • C
Arbitrary Command Injection

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • C
Static Code Injection

<0:1.33.0-1.SP1_redhat_00001.1.ep7.el7
  • C
Static Code Injection

<0:1.33.0-1.SP1_redhat_00001.1.ep7.el7
  • H
Cross-site Scripting (XSS)

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Allocation of Resources Without Limits or Throttling

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Improper Input Validation

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Incorrect Authorization

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Privilege Context Switching Error

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Cross-site Scripting (XSS)

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Insufficiently Protected Credentials

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Information Exposure Through Server Error Message

<0:1.33.0-2.SP1_redhat_00001.1.el7eap
  • M
Information Exposure

<0:1.26.0-1.redhat_00001.1.el7eap
  • M
Improper Authentication

<0:1.26.0-1.redhat_00001.1.el7eap
  • H
Directory Traversal

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Directory Traversal

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Incorrect Permission Assignment for Critical Resource

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Information Exposure

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Out-of-Bounds

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
HTTP Request Smuggling

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Access Restriction Bypass

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:1.33.0-2.SP1_redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.31.0-1.redhat_00001.1.el7eap
  • H
Improper Authorization

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.31.0-1.redhat_00001.1.el7eap
  • H
XML External Entity (XXE) Injection

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Out-of-bounds Read

<0:1.24.0-2.redhat_00001.1.el7eap
  • H
Deserialization of Untrusted Data

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Improper Input Validation

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Improper Access Control

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Information Exposure

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Directory Traversal

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Resource Exhaustion

<0:1.24.0-2.redhat_00001.1.el7eap
  • M
Information Exposure

<0:1.18.0-1.redhat_2.1.el7eap
  • H
Information Exposure

<0:1.33.0-2.SP1_redhat_00001.1.el7eap
  • M
Improper Input Validation

<0:1.26.0-1.redhat_00001.1.el7eap
  • H
HTTP Request Smuggling

<0:1.24.0-2.redhat_00001.1.el7eap
  • C
Uncontrolled Recursion

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • M
Resource Exhaustion

<0:1.26.0-1.redhat_00001.1.el7eap
  • H
Creation of Temporary File With Insecure Permissions

<0:1.33.0-2.SP1_redhat_00001.1.el7eap
  • H
Out-of-bounds Write

<0:1.33.0-2.SP1_redhat_00001.1.el7eap
  • C
Improper Input Validation

<0:1.33.0-1.SP1_redhat_00001.1.el7eap
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<0:1.33.0-2.SP1_redhat_00001.1.el7eap
  • H
Out-of-bounds Write

<0:1.33.0-2.SP1_redhat_00001.1.el7eap
  • H
Resource Exhaustion

<0:1.31.0-1.redhat_00001.1.el7eap
  • H
HTTP Response Splitting

<0:1.17.0-1.redhat_1.1.ep7.el7
  • H
Improper Input Validation

<0:1.24.0-2.redhat_00001.1.el7eap
  • C
Deserialization of Untrusted Data

<0:1.33.0-1.SP1_redhat_00001.1.ep7.el7
  • C
Deserialization of Untrusted Data

<0:1.33.0-1.SP1_redhat_00001.1.ep7.el7
  • C
Deserialization of Untrusted Data

<0:1.33.0-1.SP1_redhat_00001.1.ep7.el7
  • C
Deserialization of Untrusted Data

<0:1.33.0-1.SP1_redhat_00001.1.ep7.el7