Lucene search
+L

91 matches found

NVD
NVD
added yesterday5 views

CVE-2026-57076

YAML::Syck versions before 1.47 for Perl allow a heap use-after-free via an anchor name reused as an anchors-table key in syckhdlraddanchor. In the bundled libsyck an anchor name allocated by syckstrndup is stored both as node-anchor, freed when the node is freed, and as the key in the parser's...

Exploits0References3
NVD
NVD
added yesterday5 views

CVE-2026-57075

YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syckbase64dec. The base64 decoder in the bundled libsyck indexes the 256-entry static table b64xtable with a signed char, so any !!binary byte = 0x80 sign-extends to a negative index and...

Exploits0References3
CVE
CVE
added yesterday4 views

CVE-2026-57077

CVE-2026-57077 affects YAML::Syck for Perl; versions before 1.47 are vulnerable to an out-of-bounds read in newline_len caused by an unbounded newline scan. The issue arises from dereferencing the scan pointer and the following byte for a "\r\n" pair during block-scalar lexing at a document bound...

6.1AI score
Exploits0References3
CVE
CVE
added yesterday4 views

CVE-2026-57075

YAML::Syck vulnerability CVE-2026-57075 affects Perl in versions before 1.47. The base64 decoder in the bundled libsyck uses a 256-entry table (b64_xtable) indexed by a signed char; bytes with high bit set (>= 0x80) sign-extend to negative indices and read before the table, triggering an out-o...

6.1AI score
Exploits0References3
CVE
CVE
added yesterday8 views

CVE-2026-13713

CVE-2026-13713 affects YAML::Syck before 1.47 (Perl). The issue is a use-after-free/double-free caused by redefining or removing an anchor: syck_hdlr_add_anchor and syck_hdlr_remove_anchor free the node under that name, which may still reside on the parser’s value stack. When the same node is fre...

6.1AI score
Exploits0References3
Cvelist
Cvelist
added yesterday20 views

CVE-2026-13713 YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack

YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...

Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

openSUSE 16 Security Update : perl-YAML-Syck (openSUSE-SU-2026:20938-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20938-1 advisory. Changes in perl-YAML-Syck: - CVE-2026-5089: prevent buffer underflow in base60 sexagesimal parsing PR 133 bsc1265155. Tenable has extracted the precedin...

7.3CVSS5.5AI score0.00333EPSS
Exploits0References3
OSV
OSV
added 2026/06/10 11:47 a.m.6 views

OPENSUSE-SU-2026:20938-1 Security update for perl-YAML-Syck

This update for perl-YAML-Syck fixes the following issues: Changes in perl-YAML-Syck: - CVE-2026-5089: prevent buffer underflow in base60 sexagesimal parsing PR 133 bsc1265155...

7.3CVSS5.5AI score0.00333EPSS
Exploits0References2
Amazon
Amazon
added 2026/06/08 12:0 a.m.12 views

Medium: perl-YAML-Syck

Issue Overview: YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When processing the leftmost segment of a colon-separated value e.g., the 1 in 1:30:45, the...

7.3CVSS5.7AI score0.00333EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2 : perl-YAML-Syck, --advisory ALAS2-2026-3327 (ALAS-2026-3327)

The version of perl-YAML-Syck installed on the remote host is prior to 1.27-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3327 advisory. YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a...

7.3CVSS5.9AI score0.00333EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

Amazon Linux 2023 : perl-YAML-Syck, perl-YAML-Syck-tests (ALAS2023-2026-1769)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1769 advisory. YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When...

7.3CVSS5.8AI score0.00333EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/30 12:0 a.m.14 views

Security update for perl-YAML-Syck (moderate)

openSUSE Security Update: Security update for perl-YAML-Syck Announcement ID: openSUSE-SU-2026:0180-1 Rating: moderate References: 1252111 1259757 Cross-References: CVE-2025-11683 CVE-2026-4177 CVSS scores: CVE-2025-11683 SUSE: 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products:...

6.5CVSS6.1AI score0.00429EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/05/24 12:0 a.m.14 views

perl-YAML-Syck-1.450.0-4.1 on GA media (moderate)

perl-YAML-Syck-1.450.0-4.1 on GA media Announcement ID: openSUSE-SU-2026:10846-1 Rating: moderate Cross-References: CVE-2026-5089 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

7.3CVSS5.8AI score0.00333EPSS
Exploits0
OSV
OSV
added 2026/05/23 12:0 a.m.8 views

OPENSUSE-SU-2026:10846-1 perl-YAML-Syck-1.450.0-4.1 on GA media

These are all security issues fixed in the perl-YAML-Syck-1.450.0-4.1 package on the GA media of openSUSE Tumbleweed...

7.3CVSS5.8AI score0.00333EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-5089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase...

7.3CVSS6.1AI score0.00333EPSS
Exploits0References4
Mageia
Mageia
added 2026/05/18 7:12 p.m.14 views

Updated perl-YAML-Syck package fixes security vulnerability

YAML::Syck versions before 1.38 for Perl have an out-of-bounds read...

7.3CVSS5.8AI score0.00333EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/13 2:26 p.m.12 views

SUSE CVE-2026-5089

YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When processing the leftmost segment of a colon-separated value e.g., the 1 in 1:30:45, the inner while loop...

7.3CVSS6AI score0.00333EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/12 5:16 p.m.11 views

CVE-2026-5089

YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When processing the leftmost segment of a colon-separated value e.g., the 1 in 1:30:45, the inner while loop...

7.3CVSS6AI score0.00333EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 5:16 p.m.8 views

UBUNTU-CVE-2026-5089

YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When processing the leftmost segment of a colon-separated value e.g., the 1 in 1:30:45, the inner while loop...

7.3CVSS6AI score0.00333EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/12 4:14 p.m.33 views

CVE-2026-5089 YAML::Syck versions before 1.38 for Perl has an out-of-bounds read

YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a buffer underflow bug in both intbase60 and floatbase60 handlers. When processing the leftmost segment of a colon-separated value e.g., the 1 in 1:30:45, the inner while loop...

0.00333EPSS
Exploits0References4
Rows per page
Query Builder