Описание
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.1.4-3ubuntu3 |
| lucid | ignored | end of life |
| precise | released | 0.1.4-2ubuntu0.12.04.3 |
| quantal | released | 0.1.4-2ubuntu0.12.10.3 |
| saucy | released | 0.1.4-2ubuntu0.13.10.3 |
| upstream | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.41-5 |
| lucid | ignored | end of life |
| precise | released | 0.38-2ubuntu0.1 |
| quantal | released | 0.38-3ubuntu0.12.10.1 |
| saucy | released | 0.38-3ubuntu0.13.10.1 |
| upstream | released | 0.41-5 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes functio ...
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.8 Medium
CVSS2