PT-2022-20225 · Almalinux+5 · Almalinux+5

Liggitt

Published

2022-08-29

Updated

2025-02-21

CVE-2022-3064

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue is related to parsing malicious or large YAML documents, which can lead to excessive consumption of CPU or memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2023:6346

ALSA-2023:6938

ALSA-2023:6939

AZL-40841

AZL-43939

AZL-43993

AZL-44035

AZL-44067

AZL-44514

AZL-44610

CESA-2023_6938

CESA-2023_6939

CESA-2024_10784

CVE-2022-3064

DLA-3479-1

GHSA-6Q6Q-88XP-6F2R

GO-2022-0956

OESA-2025-1168

OESA-2025-1169

OESA-2025-1170

RHSA-2023:1014

RHSA-2023:1275

RHSA-2023:6346

RHSA-2023:6938

RHSA-2023:6939

RHSA-2023_6346

RHSA-2023_6938

RHSA-2023_6939

RHSA-2024:10759

RHSA-2024:10784

RHSA-2024:4443

RHSA-2024_10759

RHSA-2024_10784

USN-6287-1

Affected Products

Almalinux

Centos

Linuxmint

Red Hat

Rocky Linux

Ubuntu

CVE-2022-3064

Weakness Enumeration

Related Identifiers

Affected Products

References · 90