CVE-2018-13043

Опубликовано: 01 июл. 2018

Источник: debian

Описание

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
devscripts	fixed	2.18.4		package
devscripts	not-affected		stretch	package
devscripts	not-affected		jessie	package

Связанные уязвимости

CVE-2018-13043

CVSS3: 9.8

ubuntu

больше 7 лет назад

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

CVE-2018-13043

CVSS3: 9.8

nvd

больше 7 лет назад

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

GHSA-6229-3fh2-qhp3

CVSS3: 9.8

github

больше 3 лет назад

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.