scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://bugs.debian.org/902409 | |
https://usn.ubuntu.com/3704-1/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-07-01T22:00:00
Updated: 2024-08-05T08:52:49.834Z
Reserved: 2018-07-01T00:00:00
Link: CVE-2018-13043
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-07-01T22:29:00.207
Modified: 2019-08-19T17:29:05.237
Link: CVE-2018-13043
Redhat
No data.