all InfoSec news
USN-5944-1: SnakeYAML vulnerabilities
March 10, 2023, 10:18 a.m. |
Ubuntu security notices ubuntu.com
for collections when parsing YAML data. If a user or automated system were
tricked into opening a specially crafted YAML file, an attacker could
possibly use this issue to cause applications using SnakeYAML to crash,
resulting in a denial of service. (CVE-2022-25857, CVE-2022-38749,
CVE-2022-38750)
It was discovered that SnakeYAML did not limit the maximal data matched
with regular expressions when parsing YAML data. If a user or automated …
applications automated crash cve data denial of service file issue nested parsing regular expressions service system usn vulnerabilities yaml
More from ubuntu.com / Ubuntu security notices
USN-6747-2: Firefox regressions
1 day, 2 hours ago |
ubuntu.com
USN-6760-1: Gerbv vulnerability
2 days, 7 hours ago |
ubuntu.com
LSN-0103-1: Kernel Live Patch Security Notice
2 days, 19 hours ago |
ubuntu.com
USN-6758-1: JSON5 vulnerability
2 days, 19 hours ago |
ubuntu.com
USN-6761-1: Anope vulnerability
2 days, 22 hours ago |
ubuntu.com
USN-6759-1: FreeRDP vulnerabilities
3 days, 13 hours ago |
ubuntu.com
USN-6757-1: PHP vulnerabilities
3 days, 15 hours ago |
ubuntu.com
USN-6744-3: Pillow vulnerability
3 days, 17 hours ago |
ubuntu.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Cloud Security Analyst
@ Cloud Peritus | Bengaluru, India
Cyber Program Manager - CISO- United States – Remote
@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
Network Security Engineer (AEGIS)
@ Peraton | Virginia Beach, VA, United States
SC2022-002065 Cyber Security Incident Responder (NS) - MON 13 May
@ EMW, Inc. | Mons, Wallonia, Belgium
Information Systems Security Engineer
@ Booz Allen Hamilton | USA, GA, Warner Robins (300 Park Pl Dr)