VYPR

rpm package

opensuse/perl-YAML-Syck&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/perl-YAML-Syck&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2026-5089HigMay 12, 2026
    affected < 1.450.0-4.1fixed 1.450.0-4.1

    YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 (sexagesimal) parsing code in perl_syck.h has a buffer underflow bug in both int#base60 and float#base60 handlers. When processing the leftmost segment of a colon-separated value (e.g., the 1 in 1:30

  • CVE-2026-4177Mar 16, 2026
    affected < 1.440.0-1.1fixed 1.440.0-1.1

    YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the

  • CVE-2025-11683Oct 16, 2025
    affected < 1.450.0-1.1fixed 1.450.0-1.1

    YAML::Syck versions before 1.36 for Perl has missing null-terminators which causes out-of-bounds read and potential information disclosure Missing null terminators in token.c leads to but-of-bounds read which allows adjacent variable to be read The issue is seen with complex YA