NVD

Id
30943  
Name
CVE-2014-2525  
Description
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-03-28  
Modified Date
2016-08-05  
Seq
2014-2525  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
162717 30943 CVE-2014-2525 http://advisories.mageia.org/MGASA-2014-0150.html  View
162718 30943 CVE-2014-2525 openSUSE-SU-2014:0500  View
162719 30943 CVE-2014-2525 openSUSE-SU-2015:0319  View
162720 30943 CVE-2014-2525 openSUSE-SU-2016:1067  View
162721 30943 CVE-2014-2525 RHSA-2014:0353  View
162722 30943 CVE-2014-2525 RHSA-2014:0354  View
162723 30943 CVE-2014-2525 RHSA-2014:0355  View
162724 30943 CVE-2014-2525 http://support.apple.com/kb/HT6443  View
162725 30943 CVE-2014-2525 DSA-2884  View
162726 30943 CVE-2014-2525 DSA-2885  View
162727 30943 CVE-2014-2525 http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/  View
162728 30943 CVE-2014-2525 http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/  View
162729 30943 CVE-2014-2525 http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/  View
162730 30943 CVE-2014-2525 MDVSA-2015:060  View
162731 30943 CVE-2014-2525 http://www.ocert.org/advisories/ocert-2014-003.html  View
162732 30943 CVE-2014-2525 66478  View
162733 30943 CVE-2014-2525 USN-2160-1  View
162734 30943 CVE-2014-2525 https://bitbucket.org/xi/libyaml/commits/bce8b60f0b9af69fa9fab3093d0a41ba243de048  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
12959 JVNDB-2014-001834 LibYAML の yaml_parser_scan_uri_escapes 関数におけるヒープベースのバッファオーバーフローの脆弱性 LibYAML の yaml_parser_scan_uri_escapes 関数には、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2014-2525 69812 CVE-2014-2525 30943 6.8 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001834.html 2014-03-26 2015-06-22 View