Search CVE reports

Toggle filters

1 – 9 of 9 results

CVE-2025-40908

Medium priority

Some fixes available 2 of 6

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

1 affected package

libyaml-libyaml-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml-libyaml-perl Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2024-35329

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

4 affected packages

libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml Not affected Not affected Not affected Not affected
libyaml-libyaml-perl Not affected Not affected Not affected Not affected
golang-goyaml Not in release Not in release Not in release
golang-yaml.v2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-35328

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

4 affected packages

libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml Not affected Not affected Not affected Not affected
libyaml-libyaml-perl Not affected Not affected Not affected Not affected
golang-goyaml Not in release Not in release Not in release
golang-yaml.v2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-35326

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

4 affected packages

libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml Not affected Not affected Not affected Not affected
libyaml-libyaml-perl Not affected Not affected Not affected Not affected
golang-goyaml Not in release Not in release Not in release
golang-yaml.v2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2024-35325

Medium priority
Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

4 affected packages

libyaml, libyaml-libyaml-perl, golang-goyaml, golang-yaml.v2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml Not affected Not affected Not affected Not affected
libyaml-libyaml-perl Not affected Not affected Not affected Not affected
golang-goyaml Not in release Not in release Not in release
golang-yaml.v2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2014-9130

Medium priority

Some fixes available 9 of 12

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.

3 affected packages

libyaml, pyyaml, libyaml-libyaml-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml
pyyaml
libyaml-libyaml-perl
Show less packages

CVE-2014-2525

Medium priority

Some fixes available 6 of 8

Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.

2 affected packages

libyaml, libyaml-libyaml-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml
libyaml-libyaml-perl
Show less packages

CVE-2013-6393

Medium priority

Some fixes available 6 of 9

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted...

2 affected packages

libyaml, libyaml-libyaml-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml
libyaml-libyaml-perl
Show less packages

CVE-2012-1152

Medium priority

Some fixes available 5 of 8

Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via...

1 affected package

libyaml-libyaml-perl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libyaml-libyaml-perl
Show less packages