CVE-2021-39194: Loop with Unreachable Exit Condition (Infinite Loop)

September 7, 2021 (updated September 14, 2021)

kaml is an open source implementation of the YAML format with support for kotlinx.This could result in resource starvation and denial of service. This only affects applications that use polymorphic serialization with the default tagged polymorphism style.

References

nvd.nist.gov/vuln/detail/CVE-2021-39194

Code Behaviors & Features

Detect and mitigate CVE-2021-39194 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →