[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-41854":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":26,"aliases":36,"duplicate_of":9,"upstream":38,"downstream":39,"duplicates":54,"related":55,"reserved_at":9,"published_at":68,"modified_at":69,"state":70,"summary":71,"references_raw":79,"kevs":160,"epss":161,"epss_history":164,"metrics":433,"affected":447},"CVE-2022-41854","Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],{"_key":21,"id":21,"name":22,"description":23,"type":15,"status":16,"abstraction":24,"likelihood_of_exploit":18,"capec":25},"CWE-121","Stack-based Buffer Overflow","A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).","Variant",[],[27],{"_key":28,"name":29,"source":30,"url":31,"maturity":32,"reliability_score":33,"verified":34,"type":9,"platforms":35,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_8FE08BE254A8FC5F","Exploit Reference (bugs.chromium.org)","reference","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355","unknown",0.2,false,[],[37],"GHSA-w37g-rhq8-7m4j",[],[40,42,44,46,48,50,52],{"_key":41},"RHSA-2023:2705",{"_key":43},"RHSA-2023:2706",{"_key":45},"RHSA-2023:2707",{"_key":47},"DEBIAN-CVE-2022-41854",{"_key":49},"RHSA-2023:1512",{"_key":51},"RHSA-2023:1513",{"_key":53},"RHSA-2023:1514",[],[56,58,60,62,64,66],{"_key":57},"UBUNTU-CVE-2022-41854",{"_key":59},"CGA-7RJV-F2Q6-55MP",{"_key":61},"CGA-VGMG-HV2P-G7H8",{"_key":63},"CGA-VGWV-C777-JQWV",{"_key":65},"CGA-W2JJ-P5V7-324X",{"_key":67},"CGA-9G8P-F8MV-PPVG","2022-11-11T13:10:10.912Z","2024-09-16T16:24:11.627Z","Modified",{"cisa_kev":34,"cisa_ransomware":34,"cisa_vendor":9,"epss_severity":72,"epss_score":73,"severity":74,"severity_score":75,"severity_version":76,"severity_source":77,"severity_vector":78,"severity_status":70},"low",0.00123,"medium",6.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",[80,89,94,98,102,106,110,115,120,124,128,132,136,140,144,148,152,156],{"url":31,"sources":81,"tags":84},[82,77,83],"cve.org","osv_maven",[85,86,87,88],"Exploit","Issue Tracking","Third Party Advisory","WEB",{"url":90,"sources":91,"tags":92},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MKE4XWRXTH32757H7QJU4ACS67DYDCR/",[82,77],[93],"Vendor Advisory",{"url":95,"sources":96,"tags":97},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSPAJ5Y45A4ZDION2KN5RDWLHK4XKY2J/",[82,77],[93],{"url":99,"sources":100,"tags":101},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DDXEXXWAZGF5AVHIPGFPXIWL6TSMKJE/",[82,77],[93],{"url":103,"sources":104,"tags":105},"https://security.netapp.com/advisory/ntap-20240315-0009/",[82,77],[],{"url":107,"sources":108,"tags":109},"https://security.netapp.com/advisory/ntap-20240621-0006/",[82,77],[],{"url":111,"sources":112,"tags":113},"https://nvd.nist.gov/vuln/detail/CVE-2022-41854",[83],[114],"Advisory",{"url":116,"sources":117,"tags":118},"https://bitbucket.org/snakeyaml/snakeyaml",[83],[119],"PACKAGE",{"url":121,"sources":122,"tags":123},"https://bitbucket.org/snakeyaml/snakeyaml/commits/e230a1758842beec93d28eddfde568c21774780a",[83],[88],{"url":125,"sources":126,"tags":127},"https://bitbucket.org/snakeyaml/snakeyaml/issues/531",[83],[88],{"url":129,"sources":130,"tags":131},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DDXEXXWAZGF5AVHIPGFPXIWL6TSMKJE",[83],[88],{"url":133,"sources":134,"tags":135},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MKE4XWRXTH32757H7QJU4ACS67DYDCR",[83],[88],{"url":137,"sources":138,"tags":139},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSPAJ5Y45A4ZDION2KN5RDWLHK4XKY2J",[83],[88],{"url":141,"sources":142,"tags":143},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3DDXEXXWAZGF5AVHIPGFPXIWL6TSMKJE",[83],[88],{"url":145,"sources":146,"tags":147},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MKE4XWRXTH32757H7QJU4ACS67DYDCR",[83],[88],{"url":149,"sources":150,"tags":151},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSPAJ5Y45A4ZDION2KN5RDWLHK4XKY2J",[83],[88],{"url":153,"sources":154,"tags":155},"https://security.netapp.com/advisory/ntap-20240315-0009",[83],[88],{"url":157,"sources":158,"tags":159},"https://security.netapp.com/advisory/ntap-20240621-0006",[83],[88],[],{"date":162,"score":73,"percentile":163},"2026-06-04",0.30939,[165,169,172,175,177,180,183,186,189,193,195,198,201,204,207,211,214,217,220,223,226,229,232,235,238,241,245,248,251,254,257,260,263,266,269,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,327,330,333,336,339,342,345,348,351,354,357,360,363,366,369,372,375,378,381,384,387,390,393,395,398,401,404,406,409,412,415,418,421,424,427,430],{"date":166,"score":167,"percentile":168},"2025-11-04",0.00095,0.27212,{"date":170,"score":167,"percentile":171},"2025-11-05",0.27199,{"date":173,"score":167,"percentile":174},"2025-11-06",0.27209,{"date":176,"score":167,"percentile":174},"2025-11-07",{"date":178,"score":167,"percentile":179},"2025-11-08",0.27203,{"date":181,"score":167,"percentile":182},"2025-11-09",0.2716,{"date":184,"score":167,"percentile":185},"2025-11-10",0.27125,{"date":187,"score":167,"percentile":188},"2025-11-11",0.27149,{"date":190,"score":191,"percentile":192},"2025-11-12",0.00079,0.24036,{"date":194,"score":191,"percentile":192},"2025-11-13",{"date":196,"score":191,"percentile":197},"2025-11-14",0.24027,{"date":199,"score":191,"percentile":200},"2025-11-15",0.24012,{"date":202,"score":191,"percentile":203},"2025-11-16",0.23966,{"date":205,"score":191,"percentile":206},"2025-11-17",0.23924,{"date":208,"score":209,"percentile":210},"2025-11-18",0.01033,0.75447,{"date":212,"score":209,"percentile":213},"2025-11-19",0.75454,{"date":215,"score":209,"percentile":216},"2025-11-20",0.75463,{"date":218,"score":191,"percentile":219},"2025-11-21",0.2387,{"date":221,"score":191,"percentile":222},"2025-11-22",0.23867,{"date":224,"score":191,"percentile":225},"2025-11-23",0.2382,{"date":227,"score":191,"percentile":228},"2025-11-24",0.23786,{"date":230,"score":191,"percentile":231},"2025-11-25",0.23773,{"date":233,"score":191,"percentile":234},"2025-11-26",0.2376,{"date":236,"score":191,"percentile":237},"2025-11-27",0.23759,{"date":239,"score":191,"percentile":240},"2025-11-28",0.23739,{"date":242,"score":243,"percentile":244},"2025-11-29",0.00092,0.2635,{"date":246,"score":243,"percentile":247},"2025-11-30",0.26317,{"date":249,"score":243,"percentile":250},"2025-12-01",0.26363,{"date":252,"score":243,"percentile":253},"2025-12-02",0.26387,{"date":255,"score":243,"percentile":256},"2025-12-03",0.26394,{"date":258,"score":243,"percentile":259},"2025-12-04",0.2633,{"date":261,"score":243,"percentile":262},"2025-12-05",0.26366,{"date":264,"score":243,"percentile":265},"2025-12-06",0.26371,{"date":267,"score":243,"percentile":268},"2025-12-07",0.2634,{"date":270,"score":243,"percentile":268},"2025-12-08",{"date":272,"score":243,"percentile":273},"2025-12-09",0.26389,{"date":275,"score":243,"percentile":276},"2025-12-10",0.26461,{"date":278,"score":243,"percentile":279},"2025-12-11",0.26478,{"date":281,"score":243,"percentile":282},"2025-12-12",0.26491,{"date":284,"score":243,"percentile":285},"2025-12-13",0.26489,{"date":287,"score":243,"percentile":288},"2025-12-14",0.26453,{"date":290,"score":243,"percentile":291},"2025-12-15",0.26427,{"date":293,"score":243,"percentile":294},"2025-12-16",0.26437,{"date":296,"score":243,"percentile":297},"2025-12-17",0.26495,{"date":299,"score":243,"percentile":300},"2025-12-18",0.26542,{"date":302,"score":243,"percentile":303},"2025-12-19",0.26552,{"date":305,"score":243,"percentile":306},"2025-12-20",0.26523,{"date":308,"score":243,"percentile":309},"2025-12-21",0.26486,{"date":311,"score":243,"percentile":312},"2025-12-22",0.26455,{"date":314,"score":243,"percentile":315},"2025-12-23",0.26419,{"date":317,"score":243,"percentile":318},"2025-12-24",0.26438,{"date":320,"score":243,"percentile":321},"2025-12-25",0.26514,{"date":323,"score":243,"percentile":324},"2025-12-26",0.26503,{"date":326,"score":243,"percentile":285},"2025-12-27",{"date":328,"score":243,"percentile":329},"2025-12-28",0.26376,{"date":331,"score":243,"percentile":332},"2025-12-29",0.26343,{"date":334,"score":243,"percentile":335},"2025-12-30",0.26341,{"date":337,"score":243,"percentile":338},"2025-12-31",0.26402,{"date":340,"score":243,"percentile":341},"2026-01-01",0.26508,{"date":343,"score":243,"percentile":344},"2026-01-02",0.26507,{"date":346,"score":243,"percentile":347},"2026-01-03",0.2649,{"date":349,"score":243,"percentile":350},"2026-01-04",0.26393,{"date":352,"score":243,"percentile":353},"2026-01-05",0.26382,{"date":355,"score":243,"percentile":356},"2026-01-06",0.2639,{"date":358,"score":243,"percentile":359},"2026-01-07",0.26417,{"date":361,"score":243,"percentile":362},"2026-01-08",0.26459,{"date":364,"score":243,"percentile":365},"2026-01-09",0.26446,{"date":367,"score":243,"percentile":368},"2026-01-10",0.26418,{"date":370,"score":243,"percentile":371},"2026-01-11",0.26397,{"date":373,"score":243,"percentile":374},"2026-01-12",0.26353,{"date":376,"score":243,"percentile":377},"2026-01-13",0.26333,{"date":379,"score":243,"percentile":380},"2026-01-14",0.26375,{"date":382,"score":243,"percentile":383},"2026-01-15",0.26374,{"date":385,"score":243,"percentile":386},"2026-01-16",0.26407,{"date":388,"score":243,"percentile":389},"2026-01-17",0.2641,{"date":391,"score":243,"percentile":392},"2026-01-18",0.26359,{"date":394,"score":243,"percentile":247},"2026-01-19",{"date":396,"score":243,"percentile":397},"2026-01-20",0.26301,{"date":399,"score":243,"percentile":400},"2026-01-21",0.26249,{"date":402,"score":243,"percentile":403},"2026-01-22",0.26229,{"date":405,"score":243,"percentile":397},"2026-01-23",{"date":407,"score":243,"percentile":408},"2026-01-24",0.26303,{"date":410,"score":243,"percentile":411},"2026-01-25",0.26222,{"date":413,"score":243,"percentile":414},"2026-01-26",0.26139,{"date":416,"score":243,"percentile":417},"2026-01-27",0.26123,{"date":419,"score":243,"percentile":420},"2026-01-28",0.26117,{"date":422,"score":243,"percentile":423},"2026-01-29",0.26077,{"date":425,"score":243,"percentile":426},"2026-01-30",0.26068,{"date":428,"score":243,"percentile":429},"2026-01-31",0.26062,{"date":431,"score":243,"percentile":432},"2026-02-01",0.2612,[434,441,445],{"source":82,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":435,"cvss_v4_0":9},{"baseScore":436,"baseSeverity":437,"vectorString":438,"impactScore":439,"exploitabilityScore":440},5.8,"MEDIUM","CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H",6.7,3.3,{"source":77,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":442,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":437,"vectorString":78,"impactScore":443,"exploitabilityScore":444},6,7.2,{"source":83,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":446,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":9,"vectorString":78,"impactScore":443,"exploitabilityScore":444},[448,458,471,477],{"ecosystem":9,"name":449,"vendor":450,"product":449,"cpe_part":451,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":452},"fedora","fedoraproject","o",[453,456],{"version":454,"is_range":34,"range_type":455,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"36","cpe",{"version":457,"is_range":34,"range_type":455,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"37",{"ecosystem":459,"name":460,"vendor":461,"product":462,"cpe_part":9,"purl_type":463,"purl_namespace":461,"purl_name":462,"source":9,"versions":464},"Maven","org.yaml:snakeyaml","org.yaml","snakeyaml","maven",[465],{"version":466,"is_range":467,"range_type":468,"version_start":9,"version_start_type":9,"version_end":469,"version_end_type":470,"fixed_in":9},"lt1_32",true,"ecosystem","1.32","excluding",{"ecosystem":9,"name":462,"vendor":472,"product":462,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":474},"snakeyaml_project","a",[475],{"version":476,"is_range":467,"range_type":455,"version_start":9,"version_start_type":9,"version_end":469,"version_end_type":470,"fixed_in":9},"lt1.32",{"ecosystem":9,"name":478,"vendor":462,"product":462,"cpe_part":473,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":479},"SnakeYAML",[480],{"version":481,"is_range":467,"range_type":82,"version_start":482,"version_start_type":483,"version_end":469,"version_end_type":470,"fixed_in":9},">= unspecified, \u003C 1.32","unspecified","including"]