Описание
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
Ссылки
- PatchVendor Advisory
- Third Party Advisory
- PatchVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.18.3 (включая)
cpe:2.3:a:debian:devscripts:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
EPSS
Процентиль: 79%
0.01212
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 7 лет назад
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
CVSS3: 9.8
debian
больше 7 лет назад
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows cod ...
CVSS3: 9.8
github
больше 3 лет назад
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
EPSS
Процентиль: 79%
0.01212
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-94