
Manmeet Singh

#24973 of 53,632
9.8 Total CVSS
Vulnerabilities · 1
PT-2020-20141
9.8
2020-02-19
Jyaml · Jyaml · CVE-2020-8441
**Name of the Vulnerable Software and Affected Versions**

JYaml versions prior to 1.4

**Description**

The issue allows remote code execution during deserialization of a malicious payload through the `load()` function. It is noted that JYaml is a discontinued product.

**Recommendations**

For JYaml versions prior to 1.4, as the product is discontinued, there is no information about a newer version that contains a fix for this issue. Consider disabling the `load()` function to minimize the risk of exploitation.