Denial of Service Vulnerability in LibYAML Affects Application Stability
CVE-2013-6393

Currently unrated

Key Information:

Vendor

Pyyaml

Status
Vendor
CVE Published:
6 February 2014

What is CVE-2013-6393?

The yaml_parser_scan_tag_uri function in LibYAML, prior to version 0.1.5, contains a flaw due to an incorrect type cast. This flaw allows remote attackers to exploit the handling of tags in YAML documents, potentially leading to application crashes and the execution of arbitrary code via a heap-based buffer overflow through specially crafted input.

References

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.