CVE-2012-1152

2012-09-0921:55:00

Debian Security Bug Tracker

security-tracker.debian.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.212 Low

EPSS

Percentile

96.4%

JSON

Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string specifiers in a (1) YAML stream to the Load function, (2) YAML node to the load_node function, (3) YAML mapping to the load_mapping function, or (4) YAML sequence to the load_sequence function.

OSVersionArchitecturePackageVersionFilename
Debian12alllibyaml-libyaml-perl< 0.38-2libyaml-libyaml-perl_0.38-2_all.deb
Debian11alllibyaml-libyaml-perl< 0.38-2libyaml-libyaml-perl_0.38-2_all.deb
Debian10alllibyaml-libyaml-perl< 0.38-2libyaml-libyaml-perl_0.38-2_all.deb
Debian999alllibyaml-libyaml-perl< 0.38-2libyaml-libyaml-perl_0.38-2_all.deb
Debian13alllibyaml-libyaml-perl< 0.38-2libyaml-libyaml-perl_0.38-2_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	libyaml-libyaml-perl	< 0.38-2	libyaml-libyaml-perl_0.38-2_all.deb
Debian	11	all	libyaml-libyaml-perl	< 0.38-2	libyaml-libyaml-perl_0.38-2_all.deb
Debian	10	all	libyaml-libyaml-perl	< 0.38-2	libyaml-libyaml-perl_0.38-2_all.deb
Debian	999	all	libyaml-libyaml-perl	< 0.38-2	libyaml-libyaml-perl_0.38-2_all.deb
Debian	13	all	libyaml-libyaml-perl	< 0.38-2	libyaml-libyaml-perl_0.38-2_all.deb