Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-6393HistoryFeb 06, 2014 - 10:55 p.m.
CVE-2013-6393
2014-02-0622:55:03
Debian Security Bug Tracker
security-tracker.debian.org
29
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.025 Low
EPSS
Percentile
90.2%
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libyaml | < 0.1.4-3 | libyaml_0.1.4-3_all.deb |
| Debian | 11 | all | libyaml | < 0.1.4-3 | libyaml_0.1.4-3_all.deb |
| Debian | 999 | all | libyaml | < 0.1.4-3 | libyaml_0.1.4-3_all.deb |
| Debian | 13 | all | libyaml | < 0.1.4-3 | libyaml_0.1.4-3_all.deb |
| Debian | 12 | all | libyaml-libyaml-perl | < 0.41-4 | libyaml-libyaml-perl_0.41-4_all.deb |
| Debian | 11 | all | libyaml-libyaml-perl | < 0.41-4 | libyaml-libyaml-perl_0.41-4_all.deb |
| Debian | 999 | all | libyaml-libyaml-perl | < 0.41-4 | libyaml-libyaml-perl_0.41-4_all.deb |
| Debian | 13 | all | libyaml-libyaml-perl | < 0.41-4 | libyaml-libyaml-perl_0.41-4_all.deb |
Related
nessus
nessus
openSUSE Security Update : libyaml (openSUSE-SU-2014:0381-1)
2014-06-13 00:00:00
GLSA-201403-02 : LibYAML: Arbitrary code execution
2014-03-10 00:00:00
Debian DSA-2850-1 : libyaml - heap-based buffer overflow
2014-02-02 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-291)
2015-09-08 00:00:00
Debian: Security Advisory (DSA-2870-1)
2014-03-07 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: libyaml-0.1.4-6.fc19
2014-02-08 05:01:45
[SECURITY] Fedora 20 Update: libyaml-0.1.4-6.fc20
2014-02-08 05:00:26
[SECURITY] Fedora 20 Update: libyaml-0.1.6-1.fc20
2014-04-05 04:52:10
nodejs
nodejs
Heap Based Buffer Overflow
2015-10-17 19:41:46
osv
osv
Heap Based Buffer Overflow in libyaml
2020-08-31 22:51:50
cve
cve
CVE-2013-6393
2014-02-06 22:55:03
freebsd
freebsd
libyaml heap overflow resulting in possible code execution
2013-11-24 00:00:00
debian
debian
[SECURITY] [DSA 2850-1] libyaml security update
2014-01-31 21:25:45
[SECURITY] [DSA 2850-1] libyaml security update
2014-01-31 21:25:45
[SECURITY] [DSA 2870-1] libyaml-libyaml-perl security update
2014-03-08 12:52:12
securityvulns
securityvulns
[USN-2098-1] LibYAML vulnerability
2014-02-10 00:00:00
libYAML buffer overflow
2014-03-31 00:00:00
[oss-security] CVE request: various NodeJS module vulnerabilities
2014-05-15 00:00:00
github
github
Heap Based Buffer Overflow in libyaml
2020-08-31 22:51:50
mageia
mageia
Updated yaml packages fix CVE-2013-6393
2014-02-08 23:11:21
Updated perl-YAML-LibYAML package fixes security vulnerabilies
2014-04-03 05:02:12
prion
prion
Heap overflow
2014-02-06 22:55:00
amazon
amazon
Important: libyaml
2014-02-26 14:27:00
Important: perl-YAML-LibYAML
2014-04-17 14:18:00
cvelist
cvelist
CVE-2013-6393
2014-02-06 22:00:00
gentoo
gentoo
LibYAML: Arbitrary code execution
2014-03-08 00:00:00
ubuntu
ubuntu
LibYAML vulnerability
2014-02-04 00:00:00
libyaml-libyaml-perl vulnerabilities
2014-04-03 00:00:00
ubuntucve
ubuntucve
CVE-2013-6393
2014-01-27 00:00:00
nvd
nvd
CVE-2013-6393
2014-02-06 22:55:03
redhat
redhat
(RHSA-2014:0353) Important: libyaml security update
2014-04-02 00:00:00
(RHSA-2014:0354) Important: libyaml security update
2014-04-02 00:00:00
(RHSA-2014:0415) Important: libyaml security update
2014-04-17 00:00:00
centos
centos
ruby193 security update
2014-05-21 17:51:09
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.025 Low
EPSS
Percentile
90.2%
Related for DEBIANCVE:CVE-2013-6393