Question 1

What is CVE-2022-41854 — CVE-2022-41854?

Accepted Answer

Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack.

Question 2

What is the authoritative source for CVE-2022-41854?

Accepted Answer

CVE-2022-41854 (CVE-2022-41854) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	5.8 ()
Vector	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H
EPSS	1.48% probability of exploitation · percentile 70.5% · 2026-06-19T12:03:05Z
Last modified	2026-06-17

CVE-2022-41854CVE-2022-41854

Description

Scoring