3 matches found
CVE-2026-13713
YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...
CVE-2026-13713
CVE-2026-13713 affects YAML::Syck before 1.47 (Perl). The issue is a use-after-free/double-free caused by redefining or removing an anchor: syck_hdlr_add_anchor and syck_hdlr_remove_anchor free the node under that name, which may still reside on the parser’s value stack. When the same node is fre...
CVE-2026-13713 YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack
YAML::Syck versions before 1.47 for Perl allow a use-after-free and double-free via an anchor node freed while still on the parser value stack. In the bundled libsyck, when an anchor name is redefined or removed, syckhdlraddanchor and syckhdlrremoveanchor free the node stored under that name with...