Lucene search
Ubuntu.comUB:CVE-2024-35325HistoryJun 13, 2024 - 12:00 a.m.
CVE-2024-35325
2024-06-1300:00:00
ubuntu.com
ubuntu.com
2
vulnerability
libyaml
0.2.5
double-free
yaml_event_delete
golang-goyaml
design flaws
unix
A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is
the function yaml_event_delete of the file /src/libyaml/src/api.c. The
manipulation leads to a double-free.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | golang-goyaml is a go translation of libyaml and shouldn’t share implementation flaws, but may share design flaws |
| mdeslaur | This is a misuse of the API per the upstream libyaml developers. This CVE is likely to get rejected, marking as deferred to make sure. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 16.04 | noarch | golang-goyaml | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | golang-yaml.v2 | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | golang-yaml.v2 | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | golang-yaml.v2 | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | golang-yaml.v2 | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | golang-yaml.v2 | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | golang-yaml.v2 | < any | UNKNOWN |
| ubuntu | 18.04 | noarch | libyaml | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | libyaml | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | libyaml | < any | UNKNOWN |
Related
redhatcve
redhatcve
CVE-2024-35325
2024-06-14 06:12:24
nvd
nvd
CVE-2024-35325
2024-06-13 17:15:50
cvelist
cvelist
CVE-2024-35325
2024-06-13 00:00:00
veracode
veracode
Double Free
2024-06-17 06:55:33
cve
cve
CVE-2024-35325
2024-06-13 17:15:50