5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.2%
Package : pyyaml
Version : 3.09-5+deb6u1
CVE ID : CVE-2014-9130
Debian Bug : 772815
Jonathan Gray and Stanislaw Pitucha found an assertion failure in the
way wrapped strings are parsed in Python-YAML, a YAML parser and emitter
for Python. An attacker able to load specially crafted YAML input into an
application using python-yaml could cause the application to crash.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | ia64 | libyaml-0-2-dbg | < 0.1.4-2+deb7u5 | libyaml-0-2-dbg_0.1.4-2+deb7u5_ia64.deb |
Debian | 6 | all | libyaml-libyaml-perl | < 0.33-1+squeeze4 | libyaml-libyaml-perl_0.33-1+squeeze4_all.deb |
Debian | 7 | i386 | python3-yaml | < 3.10-4+deb7u1 | python3-yaml_3.10-4+deb7u1_i386.deb |
Debian | 7 | armel | python-yaml | < 3.10-4+deb7u1 | python-yaml_3.10-4+deb7u1_armel.deb |
Debian | 7 | all | libyaml | < 0.1.4-2+deb7u5 | libyaml_0.1.4-2+deb7u5_all.deb |
Debian | 7 | sparc | python3-yaml | < 3.10-4+deb7u1 | python3-yaml_3.10-4+deb7u1_sparc.deb |
Debian | 7 | s390 | python-yaml | < 3.10-4+deb7u1 | python-yaml_3.10-4+deb7u1_s390.deb |
Debian | 7 | armhf | python-yaml | < 3.10-4+deb7u1 | python-yaml_3.10-4+deb7u1_armhf.deb |
Debian | 7 | s390x | python3-yaml | < 3.10-4+deb7u1 | python3-yaml_3.10-4+deb7u1_s390x.deb |
Debian | 7 | powerpc | libyaml-0-2 | < 0.1.4-2+deb7u5 | libyaml-0-2_0.1.4-2+deb7u5_powerpc.deb |