MidnightBSD

Advisories for pyyaml

CVE-2013-6393 MEDIUM

The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 6.0
redhat openstack 3.0
canonical ubuntu_linux 13.10
pyyaml libyaml 0.1.2
debian debian_linux 7.0
opensuse opensuse 13.2
canonical ubuntu_linux 12.04
opensuse leap 42.1
opensuse opensuse 11.4
pyyaml libyaml 0.1.3
pyyaml libyaml *
pyyaml libyaml 0.1.1
pyyaml libyaml 0.0.1
opensuse opensuse 13.1
redhat openstack 4.0
canonical ubuntu_linux 12.10
CVE-2014-2525 MEDIUM

Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse opensuse 13.2
opensuse leap 42.1
pyyaml libyaml 0.1.4
pyyaml libyaml 0.1.3
pyyaml libyaml *
pyyaml libyaml 0.1.2
pyyaml libyaml 0.1.1
pyyaml libyaml 0.0.1
opensuse opensuse 13.1
CVE-2014-9130 MEDIUM

scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
pyyaml libyaml 0.1.6
pyyaml libyaml 0.1.5
CVE-2017-18342 HIGH

In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
fedoraproject fedora 29
fedoraproject fedora 30
fedoraproject fedora 28
pyyaml pyyaml *
CVE-2019-20477 HIGH

PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-502,

Products Affected

Vendor Product Version
fedoraproject fedora 30
fedoraproject fedora 31
pyyaml pyyaml *
CVE-2020-14343 HIGH

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
pyyaml pyyaml *
oracle communications_cloud_native_core_network_function_cloud_native_environment 1.10.0
oracle communications_cloud_native_core_network_function_cloud_native_environment 22.1.0
CVE-2020-1747 HIGH

A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
fedoraproject fedora 33
fedoraproject fedora 30
fedoraproject fedora 31
pyyaml pyyaml *
opensuse leap 15.1
oracle communications_cloud_native_core_network_function_cloud_native_environment 22.1.0
fedoraproject fedora 32