As part of a proactive security audit, we discovered and corrected a vulnerability.
Insecure deserialization of YAML
Status: Fixed in Humio 1.9.3
Classification: Medium
Fixed an issue related to insecure deserilization of YAML files in our Dashboard Template files. The issue would have made it possible for an authenticated user to craft a YAML file that when uploaded would exhaust the node responsible for reading the file. We found no evidence that this exploit have been utilized on our cloud.
Comments
0 comments
Please sign in to leave a comment.