The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
{ "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.12-2ubuntu0.14.04.1~esm2", "binary_name": "libyaml-snake-java" }, { "binary_version": "1.12-2ubuntu0.14.04.1~esm2", "binary_name": "libyaml-snake-java-doc" } ], "availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro" }
{ "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.12-2ubuntu0.16.04.1~esm2", "binary_name": "libyaml-snake-java" }, { "binary_version": "1.12-2ubuntu0.16.04.1~esm2", "binary_name": "libyaml-snake-java-doc" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }
{ "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.23-1+deb10u1ubuntu0.1~esm1", "binary_name": "libyaml-snake-java" }, { "binary_version": "1.23-1+deb10u1ubuntu0.1~esm1", "binary_name": "libyaml-snake-java-doc" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }
{ "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.25+ds-2ubuntu0.1+esm1", "binary_name": "libyaml-snake-java" }, { "binary_version": "1.25+ds-2ubuntu0.1+esm1", "binary_name": "libyaml-snake-java-doc" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }