Vulnerabilities > CVE-2024-35328 - Infinite Loop vulnerability in Pyyaml Libyaml 0.2.5

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
pyyaml
CWE-835
NVD
Published: 2024-06-13
Updated: 2024-07-19

Summary

libyaml v0.2.5 is vulnerable to DDOS. Affected by this issue is the function yaml_parser_parse of the file /src/libyaml/src/parser.c.

Vulnerable Configurations

Part Description Count
Application
Pyyaml
1

Common Weakness Enumeration (CWE)

References