[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-38752":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":26,"aliases":27,"duplicate_of":9,"upstream":29,"downstream":30,"duplicates":51,"related":52,"reserved_at":9,"published_at":67,"modified_at":68,"state":69,"summary":70,"references_raw":79,"kevs":116,"epss":117,"epss_history":120,"metrics":381,"affected":391},"CVE-2022-38752","Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow.",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],{"_key":21,"id":21,"name":22,"description":23,"type":15,"status":16,"abstraction":24,"likelihood_of_exploit":18,"capec":25},"CWE-121","Stack-based Buffer Overflow","A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).","Variant",[],[],[28],"GHSA-9w3m-gqgf-c4p9",[],[31,33,35,37,39,41,43,45,47,49],{"_key":32},"SUSE-SU-2022:3560-1",{"_key":34},"SUSE-SU-2022:3397-1",{"_key":36},"RHSA-2023:2705",{"_key":38},"RHSA-2023:2706",{"_key":40},"RHSA-2023:2707",{"_key":42},"DEBIAN-CVE-2022-38752",{"_key":44},"RHSA-2023:2097",{"_key":46},"RHSA-2023:1512",{"_key":48},"RHSA-2023:1513",{"_key":50},"RHSA-2023:1514",[],[53,54,56,57,59,61,63,65],{"_key":32},{"_key":55},"UBUNTU-CVE-2022-38752",{"_key":34},{"_key":58},"CGA-7JXJ-MV7Q-86XP",{"_key":60},"CGA-85G9-6HWH-32GX",{"_key":62},"CGA-JQMF-QXQ4-PHW6",{"_key":64},"CGA-PH82-MCM9-7236",{"_key":66},"CGA-F9F8-7P75-9X2P","2022-09-05T00:00:00.000Z","2024-08-03T11:02:14.529Z","Modified",{"cisa_kev":71,"cisa_ransomware":71,"cisa_vendor":9,"epss_severity":72,"epss_score":73,"severity":74,"severity_score":75,"severity_version":76,"severity_source":77,"severity_vector":78,"severity_status":69},false,"low",0.00205,"medium",6.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[80,88,93,98,102,107,112],{"url":81,"sources":82,"tags":85},"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47081",[77,83,84],"nvd","osv_maven",[86,87],"Permissions Required","WEB",{"url":89,"sources":90,"tags":91},"https://bitbucket.org/snakeyaml/snakeyaml/issues/531/stackoverflow-oss-fuzz-47081",[77,83,84],[92,87],"Third Party Advisory",{"url":94,"sources":95,"tags":96},"https://security.gentoo.org/glsa/202305-28",[77,83,84],[97,87],"Vendor Advisory",{"url":99,"sources":100,"tags":101},"https://security.netapp.com/advisory/ntap-20240315-0009/",[77,83],[],{"url":103,"sources":104,"tags":105},"https://nvd.nist.gov/vuln/detail/CVE-2022-38752",[84],[106],"Advisory",{"url":108,"sources":109,"tags":110},"https://bitbucket.org/snakeyaml/snakeyaml",[84],[111],"PACKAGE",{"url":113,"sources":114,"tags":115},"https://security.netapp.com/advisory/ntap-20240315-0009",[84],[87],[],{"date":118,"score":73,"percentile":119},"2026-06-04",0.42602,[121,125,128,130,133,136,138,141,144,147,150,153,156,159,162,166,169,172,175,178,181,184,187,189,191,194,197,200,203,206,209,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,259,262,265,267,270,273,276,279,282,285,287,289,292,295,298,301,303,306,309,311,313,316,319,322,325,328,331,334,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378],{"date":122,"score":123,"percentile":124},"2025-11-04",0.00163,0.37733,{"date":126,"score":123,"percentile":127},"2025-11-05",0.37729,{"date":129,"score":123,"percentile":127},"2025-11-06",{"date":131,"score":123,"percentile":132},"2025-11-07",0.3775,{"date":134,"score":123,"percentile":135},"2025-11-08",0.37751,{"date":137,"score":123,"percentile":124},"2025-11-09",{"date":139,"score":123,"percentile":140},"2025-11-10",0.37695,{"date":142,"score":123,"percentile":143},"2025-11-11",0.37718,{"date":145,"score":123,"percentile":146},"2025-11-12",0.3776,{"date":148,"score":123,"percentile":149},"2025-11-13",0.37774,{"date":151,"score":123,"percentile":152},"2025-11-14",0.37775,{"date":154,"score":123,"percentile":155},"2025-11-15",0.37773,{"date":157,"score":123,"percentile":158},"2025-11-16",0.37757,{"date":160,"score":123,"percentile":161},"2025-11-17",0.37735,{"date":163,"score":164,"percentile":165},"2025-11-18",0.00744,0.70811,{"date":167,"score":164,"percentile":168},"2025-11-19",0.70819,{"date":170,"score":164,"percentile":171},"2025-11-20",0.70827,{"date":173,"score":123,"percentile":174},"2025-11-21",0.3774,{"date":176,"score":123,"percentile":177},"2025-11-22",0.37744,{"date":179,"score":123,"percentile":180},"2025-11-23",0.37708,{"date":182,"score":123,"percentile":183},"2025-11-24",0.37696,{"date":185,"score":123,"percentile":186},"2025-11-25",0.37703,{"date":188,"score":123,"percentile":140},"2025-11-26",{"date":190,"score":123,"percentile":186},"2025-11-27",{"date":192,"score":123,"percentile":193},"2025-11-28",0.37681,{"date":195,"score":123,"percentile":196},"2025-11-29",0.37659,{"date":198,"score":123,"percentile":199},"2025-11-30",0.37644,{"date":201,"score":123,"percentile":202},"2025-12-01",0.37758,{"date":204,"score":123,"percentile":205},"2025-12-02",0.37766,{"date":207,"score":123,"percentile":208},"2025-12-03",0.37767,{"date":210,"score":123,"percentile":211},"2025-12-04",0.37637,{"date":213,"score":123,"percentile":214},"2025-12-05",0.37668,{"date":216,"score":123,"percentile":217},"2025-12-06",0.37667,{"date":219,"score":123,"percentile":220},"2025-12-07",0.37639,{"date":222,"score":123,"percentile":223},"2025-12-08",0.37649,{"date":225,"score":123,"percentile":226},"2025-12-09",0.3769,{"date":228,"score":123,"percentile":229},"2025-12-10",0.37753,{"date":231,"score":123,"percentile":232},"2025-12-11",0.37779,{"date":234,"score":123,"percentile":235},"2025-12-12",0.37815,{"date":237,"score":123,"percentile":238},"2025-12-13",0.3779,{"date":240,"score":123,"percentile":241},"2025-12-14",0.37754,{"date":243,"score":123,"percentile":244},"2025-12-15",0.37725,{"date":246,"score":123,"percentile":247},"2025-12-16",0.37752,{"date":249,"score":123,"percentile":250},"2025-12-17",0.378,{"date":252,"score":123,"percentile":253},"2025-12-18",0.37844,{"date":255,"score":123,"percentile":256},"2025-12-19",0.37864,{"date":258,"score":123,"percentile":253},"2025-12-20",{"date":260,"score":123,"percentile":261},"2025-12-21",0.37789,{"date":263,"score":123,"percentile":264},"2025-12-22",0.37768,{"date":266,"score":123,"percentile":264},"2025-12-23",{"date":268,"score":123,"percentile":269},"2025-12-24",0.37782,{"date":271,"score":123,"percentile":272},"2025-12-25",0.37838,{"date":274,"score":123,"percentile":275},"2025-12-26",0.37823,{"date":277,"score":123,"percentile":278},"2025-12-27",0.37845,{"date":280,"score":123,"percentile":281},"2025-12-28",0.37741,{"date":283,"score":123,"percentile":284},"2025-12-29",0.37714,{"date":286,"score":123,"percentile":180},"2025-12-30",{"date":288,"score":123,"percentile":152},"2025-12-31",{"date":290,"score":123,"percentile":291},"2026-01-01",0.37923,{"date":293,"score":123,"percentile":294},"2026-01-02",0.37895,{"date":296,"score":123,"percentile":297},"2026-01-03",0.37885,{"date":299,"score":123,"percentile":300},"2026-01-04",0.37721,{"date":302,"score":123,"percentile":183},"2026-01-05",{"date":304,"score":123,"percentile":305},"2026-01-06",0.37704,{"date":307,"score":123,"percentile":308},"2026-01-07",0.37731,{"date":310,"score":123,"percentile":146},"2026-01-08",{"date":312,"score":123,"percentile":241},"2026-01-09",{"date":314,"score":123,"percentile":315},"2026-01-10",0.37756,{"date":317,"score":123,"percentile":318},"2026-01-11",0.37732,{"date":320,"score":123,"percentile":321},"2026-01-12",0.37685,{"date":323,"score":123,"percentile":324},"2026-01-13",0.37663,{"date":326,"score":123,"percentile":327},"2026-01-14",0.37717,{"date":329,"score":123,"percentile":330},"2026-01-15",0.3771,{"date":332,"score":123,"percentile":333},"2026-01-16",0.3773,{"date":335,"score":123,"percentile":305},"2026-01-17",{"date":337,"score":123,"percentile":338},"2026-01-18",0.3765,{"date":340,"score":123,"percentile":341},"2026-01-19",0.376,{"date":343,"score":123,"percentile":344},"2026-01-20",0.37578,{"date":346,"score":123,"percentile":347},"2026-01-21",0.37559,{"date":349,"score":123,"percentile":350},"2026-01-22",0.37541,{"date":352,"score":123,"percentile":353},"2026-01-23",0.37601,{"date":355,"score":123,"percentile":356},"2026-01-24",0.37607,{"date":358,"score":123,"percentile":359},"2026-01-25",0.3755,{"date":361,"score":123,"percentile":362},"2026-01-26",0.37482,{"date":364,"score":123,"percentile":365},"2026-01-27",0.37478,{"date":367,"score":123,"percentile":368},"2026-01-28",0.37465,{"date":370,"score":123,"percentile":371},"2026-01-29",0.37437,{"date":373,"score":123,"percentile":374},"2026-01-30",0.37434,{"date":376,"score":123,"percentile":377},"2026-01-31",0.37433,{"date":379,"score":123,"percentile":380},"2026-02-01",0.37537,[382,387,389],{"source":77,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":383,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":384,"vectorString":78,"impactScore":385,"exploitabilityScore":386},"MEDIUM",6,7.2,{"source":83,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":388,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":384,"vectorString":78,"impactScore":385,"exploitabilityScore":386},{"source":84,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":390,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":9,"vectorString":78,"impactScore":385,"exploitabilityScore":386},[392,405,412],{"ecosystem":393,"name":394,"vendor":395,"product":396,"cpe_part":9,"purl_type":397,"purl_namespace":395,"purl_name":396,"source":9,"versions":398},"Maven","org.yaml:snakeyaml","org.yaml","snakeyaml","maven",[399],{"version":400,"is_range":401,"range_type":402,"version_start":9,"version_start_type":9,"version_end":403,"version_end_type":404,"fixed_in":9},"lt1_32",true,"ecosystem","1.32","excluding",{"ecosystem":9,"name":396,"vendor":406,"product":396,"cpe_part":407,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":408},"snakeyaml_project","a",[409],{"version":410,"is_range":401,"range_type":411,"version_start":9,"version_start_type":9,"version_end":403,"version_end_type":404,"fixed_in":9},"lt1.32","cpe",{"ecosystem":9,"name":413,"vendor":396,"product":396,"cpe_part":407,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":414},"SnakeYAML",[415],{"version":416,"is_range":401,"range_type":77,"version_start":417,"version_start_type":418,"version_end":419,"version_end_type":418,"fixed_in":9},">= unspecified, \u003C= 1.31","unspecified","including","1.31"]