CVE-2014-9130

EPSS 57.6%

pyyaml - security update

發布日:2014/12/8修改日:2026/4/28

描述

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.

受影響套件(10)

Alpine/yamlfrom 0, < 0.1.6-r1
Debian/libyamlfrom 0, < 0.1.4-2+deb7u5
Debian/libyamlfrom 0, < 0.1.6-3
Debian/libyamlfrom 0, < 0.1.3-1+deb6u5
Debian/libyaml-libyaml-perlfrom 0, < 0.33-1+squeeze4
Debian/libyaml-libyaml-perlfrom 0, < 0.41-6
Debian/libyaml-libyaml-perlfrom 0, < 0.38-3+deb7u3
Debian/pyyamlfrom 0, < 3.11-2
Debian/pyyamlfrom 0, < 3.09-5+deb6u1
Debian/pyyamlfrom 0, < 3.10-4+deb7u1

參考連結(2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2014-9130
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-9130