Skip to main content

Remarshal

1 CVEs product

Monthly

CVE-2023-47163 PyPI HIGH PATCH This Week

Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Remarshal
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Remarshal prior to v0.17.1 expands YAML alias nodes unlimitedly, hence Remarshal is vulnerable to Billion Laughs Attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Remarshal
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy