TencentOS Server 4: perl-YAML-LibYAML (TSSA-2025:0507)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0507 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

ROOT-OS-DEBIAN-11-CVE-2025-40908 CVE-2025-40908 in rootio-libyaml-libyaml-perl - Patched by Root

Root has patched CVE-2025-40908 in the rootio-libyaml-libyaml-perl package for Root:Debian:11. Multiple fixed versions available...

EUVD-2025-16577

Malicious code in bioql PyPI...

The vulnerability of the `open()` function in the YAML-LibYAML Perl programming language interpreter allows a malicious actor to gain unauthorized access and modify any file.

The vulnerability of the open function in the YAML-LibYAML Perl programming language interpreter involves the use of files and directories accessible from external parties. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to and modify a...

Ubuntu: Security Advisory (USN-7632-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : perl-YAML-LibYAML (RHSA-2025:9330)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:9330 advisory. Kirill Siminov's libyaml is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originall...

ALSA-2025:9330 Important: perl-YAML-LibYAML security update

Kirill Siminov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...

SUSE CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVE-2025-40908

CVE-2025-40908 affects perl-YAML-LibYAML; versions before 0.903.0 are vulnerable due to a 2-argument open that can modify existing files. The issue is confirmed in multiple sources; impact is described as high for confidentiality and integrity with critical severity (CVSS 3.1: 9.1). A fixed versi...

CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVE-2025-40908 YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

Debian: Security Advisory (DLA-109-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-109-1 : libyaml-libyaml-perl security update

Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and emitter library. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. This update...

Ubuntu: Security Advisory (USN-2461-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : libyaml-libyaml-perl vulnerability (USN-2461-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2461-2 advisory. Stanisaw Pitucha and Jonathan Gray discovered that libyaml-libyaml-perl did not properly handle wrapped strings. An attacker could create specially crafted YAML...

USN-2461-2 libyaml-libyaml-perl vulnerability

Stanisław Pitucha and Jonathan Gray discovered that libyaml-libyaml-perl did not properly handle wrapped strings. An attacker could create specially crafted YAML data to trigger an assert, causing a denial of service...

Debian DSA-3103-1 : libyaml-libyaml-perl - security update

Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in LibYAML, a fast YAML 1.1 parser and emitter library. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. This update...