java-faker

CVE-2022-25857 - [email protected] vulnerable.

Open oWahyudi opened this issue 1 year ago • 0 comments

Vulnerable module introduced through: [email protected]. Affected versions of this package are vulnerable to Denial of Service (DoS) due to missing nested depth limitation for collections.

Note: This vulnerability has also been identified as CVE-2022-25857

Remediation: Upgrade org.yaml:snakeyaml to version 1.31 or higher

oWahyudi, Jan 22 '24 17:01
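One way to check a build against the remediation line above (an added example, not part of the issue or of the java-faker project): it scans text in the format printed by `mvn dependency:tree` for `org.yaml:snakeyaml` entries below 1.31 and reports the dependency path that introduces each one. The sample tree, its `com.example` coordinates and all version numbers in it are constructed for illustration.

```python
import re

FIXED = (1, 31)  # first fixed release, from the issue's remediation line

# Constructed sample in `mvn dependency:tree` format (assumption: all
# coordinates and versions below are placeholders, not from the issue).
SAMPLE_TREE = """\
[INFO] com.example:demo-app:jar:0.0.1
[INFO] +- com.example:faker-lib:jar:0.0.1:compile
[INFO] |  \\- org.yaml:snakeyaml:jar:android:1.23:compile
[INFO] \\- com.example:config-lib:jar:0.0.1:compile
[INFO]    \\- org.yaml:snakeyaml:jar:1.33:compile
"""

# Tree-drawing prefix (3 characters per level), then the Maven coordinate.
LINE = re.compile(r"^\[INFO\] (?P<indent>[|+\\ -]*)(?P<coord>[\w.\-]+(?::[\w.\-]+)+)")


def version_key(version):
    """Leading numeric components of a version, e.g. '1.30' -> (1, 30)."""
    nums = re.match(r"\d+(?:\.\d+)*", version)
    # An unparseable version yields (), which sorts below FIXED and is flagged.
    return tuple(int(p) for p in nums.group().split(".")) if nums else ()


def find_vulnerable(tree_text):
    """Return (version, introduced-through path) for each snakeyaml < FIXED."""
    findings, stack = [], []
    for line in tree_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        depth = len(m.group("indent")) // 3
        fields = m.group("coord").split(":")
        del stack[depth:]                      # drop siblings and deeper nodes
        stack.append(":".join(fields[:2]))     # groupId:artifactId
        if fields[:2] == ["org.yaml", "snakeyaml"] and len(fields) >= 5:
            version = fields[-2]  # group:artifact:type[:classifier]:version:scope
            if version_key(version) < FIXED:
                findings.append((version, " > ".join(stack[:-1])))
    return findings


if __name__ == "__main__":
    for version, path in find_vulnerable(SAMPLE_TREE):
        print(f"snakeyaml {version} (< 1.31) introduced through: {path}")
```
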