Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML prior to 0.1.6 allows context-dependent malicious users to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pyyaml libyaml 0.1.3 |
||
pyyaml libyaml 0.1.2 |
||
pyyaml libyaml |
||
pyyaml libyaml 0.1.4 |
||
pyyaml libyaml 0.1.1 |
||
pyyaml libyaml 0.0.1 |
||
opensuse opensuse 13.2 |
||
opensuse opensuse 13.1 |
||
opensuse leap 42.1 |