111 matches found
SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for perl-YAML-LibYAML (SUSE-SU-SUSE-RU-2025:03081-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2025:03081-1 advisory. - Updated to 0.904.0 - Dependency submission for the openQA stack Tenable has extracted the...
EUVD-2012-1186
Malware in sbrugna...
EUVD-2025-16577
Malicious code in bioql PyPI...
NewStart CGSL MAIN 6.06 : PyYAML Vulnerability (NS-SA-2025-0215)
The remote NewStart CGSL host, running version MAIN 6.06, has PyYAML packages installed that are affected by a vulnerability: - scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML aka YAML-XS module for Perl, allows context-dependent attackers to cause a denial of service assertion...
CVE-2025-40908 affecting package perl-YAML-LibYAML for versions less than 0.902.0-2
CVE-2025-40908 affecting package perl-YAML-LibYAML for versions less than 0.902.0-2. An upgraded version of the package is available that resolves this issue...
RockyLinux 8 : perl-YAML-LibYAML (RLSA-2025:9329)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9329 advisory. yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 Tenable has extracted the preceding description block directly from the RockyLinux...
perl-YAML-LibYAML security update
An update is available for perl-YAML-LibYAML. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kirill Siminov's "libyaml" is arguably the best YAML implementation...
SUSE: Security Advisory (SUSE-SU-2025:01885-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : perl-YAML-LibYAML (SUSE-SU-2025:01885-2)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01885-2 advisory. - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902 Tenable has extracted the...
The vulnerability of the `open()` function in the YAML-LibYAML Perl programming language interpreter allows a malicious actor to gain unauthorized access and modify any file.
The vulnerability of the open function in the YAML-LibYAML Perl programming language interpreter involves the use of files and directories accessible from external parties. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to and modify a...
SUSE-SU-2025:01885-2 Security update for perl-YAML-LibYAML
This update for perl-YAML-LibYAML fixes the following issues: - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902...
Ubuntu 22.04 LTS / 24.04 LTS : YAML-LibYAML vulnerability (USN-7632-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7632-1 advisory. It was discovered that YAML-LibYAML incorrectly handled certain file names. An attacker could possibly use this issue to overwrite arbitrary files...
perl-YAML-LibYAML-0.904.0-2.1 on GA media (moderate)
perl-YAML-LibYAML-0.904.0-2.1 on GA media Announcement ID: openSUSE-SU-2025:15261-1 Rating: moderate Cross-References: CVE-2025-40908 CVSS scores: CVE-2025-40908 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2025-40908 SUSE : 8.3...
AlmaLinux 9 : perl-YAML-LibYAML (ALSA-2025:9330)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9330 advisory. yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 Tenable has extracted the preceding description block directly from the AlmaLinux securit...
AlmaLinux 8 : perl-YAML-LibYAML (ALSA-2025:9329)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9329 advisory. yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 Tenable has extracted the preceding description block directly from the AlmaLinux securit...
SUSE SLES12 Security Update : perl-YAML-LibYAML (SUSE-SU-2025:01885-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01885-1 advisory. - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902 Tenable has extracted the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : perl-YAML-LibYAML (SUSE-SU-2025:01886-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01886-1 advisory. - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be...
Oracle Linux 9 : perl-YAML-LibYAML (ELSA-2025-9330)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9330 advisory. 1:0.82-6.1 - Use 3-arg form of open in LoadFile CVE-2025-40908 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 8 : perl-YAML-LibYAML (ELSA-2025-9329)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9329 advisory. 1:0.70-2 - Use 3-arg form of open in LoadFile CVE-2025-40908 Tenable has extracted the preceding description block directly from the Oracle Linux security...
GLSA-202506-11 : YAML-LibYAML: Shell injection
The remote host is affected by the vulnerability described in GLSA-202506-11 YAML-LibYAML: Shell injection YAML-LibYAML uses the legacy '2-arg' open call which is susceptible to shell injection via malicious filenames. Tenable has extracted the preceding description block directly from the Gentoo...