SUSE SLED15 / SLES15 / openSUSE 15 : Recommended update for perl-YAML-LibYAML (SUSE-SU-SUSE-RU-2025:03081-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2025:03081-1 advisory. - Updated to 0.904.0 - Dependency submission for the openQA stack Tenable has extracted the...

EUVD-2012-1186

Malware in sbrugna...

EUVD-2025-16577

Malicious code in bioql PyPI...

NewStart CGSL MAIN 6.06 : PyYAML Vulnerability (NS-SA-2025-0215)

The remote NewStart CGSL host, running version MAIN 6.06, has PyYAML packages installed that are affected by a vulnerability: - scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML aka YAML-XS module for Perl, allows context-dependent attackers to cause a denial of service assertion...

CVE-2025-40908 affecting package perl-YAML-LibYAML for versions less than 0.902.0-2

CVE-2025-40908 affecting package perl-YAML-LibYAML for versions less than 0.902.0-2. An upgraded version of the package is available that resolves this issue...

RockyLinux 8 : perl-YAML-LibYAML (RLSA-2025:9329)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9329 advisory. yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 Tenable has extracted the preceding description block directly from the RockyLinux...

perl-YAML-LibYAML security update

An update is available for perl-YAML-LibYAML. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kirill Siminov's "libyaml" is arguably the best YAML implementation...

SUSE: Security Advisory (SUSE-SU-2025:01885-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : perl-YAML-LibYAML (SUSE-SU-2025:01885-2)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01885-2 advisory. - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902 Tenable has extracted the...

SUSE-SU-2025:01885-2 Security update for perl-YAML-LibYAML

This update for perl-YAML-LibYAML fixes the following issues: - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902...

Ubuntu 22.04 LTS / 24.04 LTS : YAML-LibYAML vulnerability (USN-7632-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7632-1 advisory. It was discovered that YAML-LibYAML incorrectly handled certain file names. An attacker could possibly use this issue to overwrite arbitrary files...

perl-YAML-LibYAML-0.904.0-2.1 on GA media (moderate)

perl-YAML-LibYAML-0.904.0-2.1 on GA media Announcement ID: openSUSE-SU-2025:15261-1 Rating: moderate Cross-References: CVE-2025-40908 CVSS scores: CVE-2025-40908 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2025-40908 SUSE : 8.3...

AlmaLinux 9 : perl-YAML-LibYAML (ALSA-2025:9330)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9330 advisory. yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 Tenable has extracted the preceding description block directly from the AlmaLinux securit...

AlmaLinux 8 : perl-YAML-LibYAML (ALSA-2025:9329)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9329 advisory. yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 Tenable has extracted the preceding description block directly from the AlmaLinux securit...

SUSE SLES12 Security Update : perl-YAML-LibYAML (SUSE-SU-2025:01885-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:01885-1 advisory. - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified bsc1243902 Tenable has extracted the...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : perl-YAML-LibYAML (SUSE-SU-2025:01886-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:01886-1 advisory. - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be...

Oracle Linux 8 : perl-YAML-LibYAML (ELSA-2025-9329)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9329 advisory. 1:0.70-2 - Use 3-arg form of open in LoadFile CVE-2025-40908 Tenable has extracted the preceding description block directly from the Oracle Linux security...

GLSA-202506-11 : YAML-LibYAML: Shell injection

The remote host is affected by the vulnerability described in GLSA-202506-11 YAML-LibYAML: Shell injection YAML-LibYAML uses the legacy '2-arg' open call which is susceptible to shell injection via malicious filenames. Tenable has extracted the preceding description block directly from the Gentoo...

Oracle Linux 9 : perl-YAML-LibYAML (ELSA-2025-9330)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-9330 advisory. 1:0.82-6.1 - Use 3-arg form of open in LoadFile CVE-2025-40908 Tenable has extracted the preceding description block directly from the Oracle Linux security...

perl-YAML-LibYAML security update

1:0.70-2 - Use 3-arg form of open in LoadFile CVE-2025-40908...