Security Advisory

CVE-2023-51389

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-22 15:59:29

Last updated 2024-08-22 17:54:37

Assigner GitHub_M

State PUBLISHED

Description

Hertzbeat is a real-time monitoring system. At the interface of `/define/yml`, SnakeYAML is used as a parser to parse yml content, but no security configuration is used, resulting in a YAML deserialization vulnerability. Version 1.4.1 fixes this vulnerability.

← Browse all CVEs View on cve.org ↗