5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.2%
Package : libyaml
Version : 0.1.3-1+deb6u5
CVE ID : CVE-2014-9130
Debian Bug : 771366
Jonathan Gray and Stanislaw Pitucha found an assertion failure in the
way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and
emitter library. An attacker able to load specially crafted YAML input
into an application using libyaml could cause the application to crash.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | amd64 | python3-yaml | < 3.10-4+deb7u1 | python3-yaml_3.10-4+deb7u1_amd64.deb |
Debian | 7 | powerpc | python-yaml | < 3.10-4+deb7u1 | python-yaml_3.10-4+deb7u1_powerpc.deb |
Debian | 7 | all | pyyaml | < 3.10-4+deb7u1 | pyyaml_3.10-4+deb7u1_all.deb |
Debian | 7 | armel | libyaml-0-2-dbg | < 0.1.4-2+deb7u5 | libyaml-0-2-dbg_0.1.4-2+deb7u5_armel.deb |
Debian | 6 | i386 | python3-yaml-dbg | < 3.09-5+deb6u1 | python3-yaml-dbg_3.09-5+deb6u1_i386.deb |
Debian | 7 | s390 | libyaml-0-2-dbg | < 0.1.4-2+deb7u5 | libyaml-0-2-dbg_0.1.4-2+deb7u5_s390.deb |
Debian | 7 | i386 | libyaml-dev | < 0.1.4-2+deb7u5 | libyaml-dev_0.1.4-2+deb7u5_i386.deb |
Debian | 6 | all | libyaml | < 0.1.3-1+deb6u5 | libyaml_0.1.3-1+deb6u5_all.deb |
Debian | 7 | mips | libyaml-dev | < 0.1.4-2+deb7u5 | libyaml-dev_0.1.4-2+deb7u5_mips.deb |
Debian | 7 | armel | libyaml-dev | < 0.1.4-2+deb7u5 | libyaml-dev_0.1.4-2+deb7u5_armel.deb |