ALT-PU-2016-2012-1
Closed vulnerabilities
Published: 2014-12-08
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-9130
scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.
Severity: MEDIUM (5.0)
References:
- http://advisories.mageia.org/MGASA-2014-0508.html
- http://advisories.mageia.org/MGASA-2014-0508.html
- http://linux.oracle.com/errata/ELSA-2015-0100.html
- http://linux.oracle.com/errata/ELSA-2015-0100.html
- openSUSE-SU-2015:0319
- openSUSE-SU-2015:0319
- openSUSE-SU-2016:1067
- openSUSE-SU-2016:1067
- RHSA-2015:0100
- RHSA-2015:0100
- RHSA-2015:0112
- RHSA-2015:0112
- RHSA-2015:0260
- RHSA-2015:0260
- 59947
- 59947
- 60944
- 60944
- 62164
- 62164
- 62174
- 62174
- 62176
- 62176
- 62705
- 62705
- 62723
- 62723
- 62774
- 62774
- DSA-3102
- DSA-3102
- DSA-3103
- DSA-3103
- DSA-3115
- DSA-3115
- MDVSA-2014:242
- MDVSA-2014:242
- MDVSA-2015:060
- MDVSA-2015:060
- [oss-security] 20141128 libyaml / YAML-LibYAML DoS
- [oss-security] 20141128 libyaml / YAML-LibYAML DoS
- [oss-security] 20141128 Re: libyaml / YAML-LibYAML DoS
- [oss-security] 20141128 Re: libyaml / YAML-LibYAML DoS
- [oss-security] 20141129 Re: Re: libyaml / YAML-LibYAML DoS
- [oss-security] 20141129 Re: Re: libyaml / YAML-LibYAML DoS
- 71349
- 71349
- USN-2461-1
- USN-2461-1
- USN-2461-2
- USN-2461-2
- USN-2461-3
- USN-2461-3
- https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
- https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
- https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
- https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
- libyaml-cve20149130-dos(99047)
- libyaml-cve20149130-dos(99047)
- https://puppet.com/security/cve/cve-2014-9130
- https://puppet.com/security/cve/cve-2014-9130