As part of a proactive security audit, we discovered and corrected a vulnerability.
Insecure deserialization of YAML
Status: Fixed in Humio 1.9.3
Fixed an issue related to insecure deserilization of YAML files in our Dashboard Template files. The issue would have made it possible for an authenticated user to craft a YAML file that when uploaded would exhaust the node responsible for reading the file. We found no evidence that this exploit have been utilized on our cloud.