5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.017 Low
EPSS
Percentile
85.7%
YAML is a data serialization format designed for human readability and
interaction with scripting languages. LibYAML is a YAML parser and emitter
written in C.
An assertion failure was found in the way the libyaml library parsed
wrapped strings. An attacker able to load specially crafted YAML input into
an application using libyaml could cause the application to crash.
(CVE-2014-9130)
All libyaml users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. All running applications
linked against the libyaml library must be restarted for this update to
take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | libyaml | < 0.1.3-4.el6_6 | libyaml-0.1.3-4.el6_6.x86_64.rpm |
RedHat | 6 | i686 | libyaml-devel | < 0.1.3-4.el6_6 | libyaml-devel-0.1.3-4.el6_6.i686.rpm |
RedHat | 6 | x86_64 | libyaml-devel | < 0.1.3-4.el6_6 | libyaml-devel-0.1.3-4.el6_6.x86_64.rpm |
RedHat | 6 | i686 | libyaml | < 0.1.3-4.el6_6 | libyaml-0.1.3-4.el6_6.i686.rpm |
RedHat | 6 | src | libyaml | < 0.1.3-4.el6_6 | libyaml-0.1.3-4.el6_6.src.rpm |
RedHat | 6 | i686 | libyaml-debuginfo | < 0.1.3-4.el6_6 | libyaml-debuginfo-0.1.3-4.el6_6.i686.rpm |
RedHat | 6 | x86_64 | libyaml-debuginfo | < 0.1.3-4.el6_6 | libyaml-debuginfo-0.1.3-4.el6_6.x86_64.rpm |