CVE-2024-35325

28 Aug 2024, 16:15

Type	Values Removed	Values Added
Summary	(es) Se encontró una vulnerabilidad en libyaml hasta 0.2.5. La función yaml_event_delete del archivo /src/libyaml/src/api.c es afectada por esta vulnerabilidad. La manipulación conduce a una doble libertad.
Summary	(en) A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function yaml_event_delete of the file /src/libyaml/src/api.c. The manipulation leads to a double-free.	(en) Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
References	{'url': 'https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35325.c', 'tags': ['Exploit', 'Third Party Advisory'], 'source': 'cve@mitre.org'} {'url': 'https://github.com/idhyt/pocs/tree/main/libyaml', 'source': 'cve@mitre.org'}
CWE	CWE-415
CVSS	v2 : unknown v3 : 9.8	v2 : unknown v3 : unknown
CPE	cpe:2.3:a:pyyaml:libyaml:*:*:*:*:*:*:*:*

---

28 Aug 2024, 14:15

Type	Values Removed	Values Added
References		() https://github.com/idhyt/pocs/tree/main/libyaml -

---

23 Aug 2024, 15:43

Type	Values Removed	Values Added
References	() https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35325.c -	() https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35325.c - Exploit, Third Party Advisory
Summary		(es) Se encontró una vulnerabilidad en libyaml hasta 0.2.5. La función yaml_event_delete del archivo /src/libyaml/src/api.c es afectada por esta vulnerabilidad. La manipulación conduce a una doble libertad.
First Time		Pyyaml libyaml Pyyaml
CPE		cpe:2.3:a:pyyaml:libyaml:*:*:*:*:*:*:*:*
CWE		CWE-415
CVSS	v2 : unknown v3 : unknown	v2 : unknown v3 : 9.8

---

13 Jun 2024, 17:15

Type	Values Removed	Values Added
New CVE

---