VulnerableCode Package Details - pkg:maven/io.prometheus.jmx/jmx_prometheus

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6354-p39b-zbhp	snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.	CVE-2022-38749 GHSA-c4r9-r8fh-9vj2

Vulnerability

Summary

Aliases

VCID-6354-p39b-zbhp

snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow.

CVE-2022-38749
GHSA-c4r9-r8fh-9vj2

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:08:22.137186+00:00	GitLab Importer	Fixing	VCID-6354-p39b-zbhp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.prometheus.jmx/jmx_prometheus_httpserver/CVE-2022-38749.yml	38.4.0
2026-04-11T23:24:46.800122+00:00	GitLab Importer	Fixing	VCID-6354-p39b-zbhp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.prometheus.jmx/jmx_prometheus_httpserver/CVE-2022-38749.yml	38.3.0
2026-04-02T23:31:08.888604+00:00	GitLab Importer	Fixing	VCID-6354-p39b-zbhp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.prometheus.jmx/jmx_prometheus_httpserver/CVE-2022-38749.yml	38.1.0
2026-04-01T17:52:43.462167+00:00	GitLab Importer	Fixing	VCID-6354-p39b-zbhp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.prometheus.jmx/jmx_prometheus_httpserver/CVE-2022-38749.yml	38.0.0