9 matches found
UBUNTU-CVE-2025-62348
Salt's junos execution module contained an unsafe YAML decode/load usage. A specially crafted YAML payload processed by the junos module could lead to unintended code execution under the context of the Salt process...
PT-2026-5434
Name of the Vulnerable Software and Affected Versions Salt affected versions not specified Description The Salt junos execution module has an issue with how it processes YAML data. Specifically, it uses an unsafe method to decode and load YAML. A carefully designed YAML payload processed by the...
perl-Convert-ASN1 security update
0.27-18 - Fix unsafe decoding in indef case CVE-2013-7488...
SUSE CVE-2013-0333
lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...
perl-Convert-ASN1 Denial of Service Vulnerability
Perl is a general-purpose, interpreted, dynamic cross-platform programming language from the Perl community. A security vulnerability exists in perl-Convert-ASN1 0.27 and earlier versions, which stems from the program's unsafe decoding of user input. A remote attacker can exploit the vulnerabilit...
Unsafe Decoding
pyasn1 performs unsafe canonical decoding. The libraries canonical decoders incorrectly decodes non-canonical variations and produces more than one valid substrate. This could potentially lead to a bypass in protection if left unchecked...
DEBIAN-CVE-2013-0333
lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...
CVE-2013-0333
lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...
rubygem-activesupport: json to yaml parsing
lib/activesupport/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.20 does not properly convert JSON data to YAML data for processing by a YAML parser, which allows remote attackers to execute arbitrary code, conduct SQL injection attacks, or bypass authentication v...