LibYAML is vulnerable to Heap buffer overflow. The vulnerability is due to the lack of proper initialization of the emitter when yaml_emitter_emit
is called without yaml_emitter_initialize
. An attacker can exploit this vulnerability by providing specially crafted inputs to trigger the overflow, potentially leading to arbitrary code execution. Note that there is no known exploit, and the vulnerability relies on a developer error when calling yaml_emitter_emit
without yaml_emitter_initialize
.