Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
YAML::Syck versions before 1.36 for Perl has missing Null-Terminators which causes Out-of-Bounds Read and potential Information Disclosure
Vulnerability Description
YAML::Syck versions before 1.36 for Perl has missing null-terminators which causes out-of-bounds read and potential information disclosure Missing null terminators in token.c leads to but-of-bounds read which allows adjacent variable to be read The issue is seen with complex YAML files with a hash of all keys and empty values. There is no indication that the issue leads to accessing memory outside that allocated to the module.
CVSS Information
N/A
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
YAML::Syck 安全漏洞
Vulnerability Description
YAML::Syck是CPAN Authors开源的一个Perl库。 YAML::Syck 1.36之前版本存在安全漏洞,该漏洞源于token.c中缺少空终止符,可能导致越界读取和信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A