scripts/grep-excuses.pl in Debian devscripts up to and including 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian devscripts |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 18.04 |