{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2022-3064", "ASSIGNER": "security@golang.org", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE 400: Uncontrolled Resource Consumption" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "gopkg.in/yaml.v2", "product": { "product_data": [ { "product_name": "gopkg.in/yaml.v2", "version": { "version_data": [ { "version_affected": "<", "version_name": "0", "version_value": "2.2.4" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://github.com/go-yaml/yaml/commit/f221b8435cfb71e54062f6c6e99e9ade30b124d5", "refsource": "MISC", "name": "https://github.com/go-yaml/yaml/commit/f221b8435cfb71e54062f6c6e99e9ade30b124d5" }, { "url": "https://github.com/go-yaml/yaml/releases/tag/v2.2.4", "refsource": "MISC", "name": "https://github.com/go-yaml/yaml/releases/tag/v2.2.4" }, { "url": "https://pkg.go.dev/vuln/GO-2022-0956", "refsource": "MISC", "name": "https://pkg.go.dev/vuln/GO-2022-0956" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00001.html", "refsource": "MISC", "name": "https://lists.debian.org/debian-lts-announce/2023/07/msg00001.html" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/" }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/" } ] } }