VulnerableCode Package Details - pkg:ebuild/dev-java/snakeyaml@1.33

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4nu3-fknt-puej	snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.	CVE-2022-38750 GHSA-hhhw-99gj-p3c3
VCID-6354-p39b-zbhp	snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.	CVE-2022-38749 GHSA-c4r9-r8fh-9vj2
VCID-e8hu-czv4-yyc5	SnakeYAML Entity Expansion during load operation The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.	CVE-2017-18640 GHSA-rvwf-54qp-4r6v
VCID-fb8u-g65k-hffs	snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.	CVE-2022-38752 GHSA-9w3m-gqgf-c4p9
VCID-qxfs-sq38-jfad	snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.	CVE-2022-38751 GHSA-98wm-3w3q-mw94

Vulnerability

Summary

Aliases

VCID-4nu3-fknt-puej

snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

CVE-2022-38750
GHSA-hhhw-99gj-p3c3

VCID-6354-p39b-zbhp

CVE-2022-38749
GHSA-c4r9-r8fh-9vj2

VCID-e8hu-czv4-yyc5

SnakeYAML Entity Expansion during load operation The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

CVE-2017-18640
GHSA-rvwf-54qp-4r6v

VCID-fb8u-g65k-hffs

snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DoS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.

CVE-2022-38752
GHSA-9w3m-gqgf-c4p9

VCID-qxfs-sq38-jfad

CVE-2022-38751
GHSA-98wm-3w3q-mw94

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:14:26.803941+00:00	Gentoo Importer	Fixing	VCID-fb8u-g65k-hffs	https://security.gentoo.org/glsa/202305-28	38.0.0
2026-04-01T13:14:26.789285+00:00	Gentoo Importer	Fixing	VCID-qxfs-sq38-jfad	https://security.gentoo.org/glsa/202305-28	38.0.0
2026-04-01T13:14:26.774426+00:00	Gentoo Importer	Fixing	VCID-4nu3-fknt-puej	https://security.gentoo.org/glsa/202305-28	38.0.0
2026-04-01T13:14:26.759007+00:00	Gentoo Importer	Fixing	VCID-6354-p39b-zbhp	https://security.gentoo.org/glsa/202305-28	38.0.0
2026-04-01T13:14:26.743275+00:00	Gentoo Importer	Fixing	VCID-e8hu-czv4-yyc5	https://security.gentoo.org/glsa/202305-28	38.0.0