CVE-2024-35328

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-35328
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

28 Aug 2024, 16:15

Type Values Removed Values Added
References
  • {'url': 'https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35328.c', 'tags': ['Exploit'], 'source': 'cve@mitre.org'}
  • {'url': 'https://github.com/idhyt/pocs/tree/main/libyaml', 'source': 'cve@mitre.org'}
Summary
  • (es) libyaml v0.2.5 es vulnerable a DDOS. La función yaml_parser_parse del archivo /src/libyaml/src/parser.c es afectada por esta vulnerabilidad.
Summary (en) libyaml v0.2.5 is vulnerable to a denial of service. Affected by this issue is the function yaml_parser_parse of the file /src/libyaml/src/parser.c. NOTE: this is disputed by the supplier because the discoverer's sample C code is incorrect: it does not call required _initialize functions that are described in the LibYAML documentation. (en) Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CPE cpe:2.3:a:pyyaml:libyaml:0.2.5:*:*:*:*:*:*:*
CWE CWE-835
CVSS v2 : unknown
v3 : 7.5 		v2 : unknown
v3 : unknown

28 Aug 2024, 15:15

Type Values Removed Values Added
References
  • () https://github.com/idhyt/pocs/tree/main/libyaml -
Summary (en) libyaml v0.2.5 is vulnerable to DDOS. Affected by this issue is the function yaml_parser_parse of the file /src/libyaml/src/parser.c. (en) libyaml v0.2.5 is vulnerable to a denial of service. Affected by this issue is the function yaml_parser_parse of the file /src/libyaml/src/parser.c. NOTE: this is disputed by the supplier because the discoverer's sample C code is incorrect: it does not call required _initialize functions that are described in the LibYAML documentation.

19 Jul 2024, 15:25

Type Values Removed Values Added
Summary
  • (es) libyaml v0.2.5 es vulnerable a DDOS. La función yaml_parser_parse del archivo /src/libyaml/src/parser.c es afectada por esta vulnerabilidad.
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.5
CWE CWE-835
First Time Pyyaml libyaml
Pyyaml
References () https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35328.c - () https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35328.c - Exploit
CPE cpe:2.3:a:pyyaml:libyaml:0.2.5:*:*:*:*:*:*:*

13 Jun 2024, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-13 16:15

Updated : 2024-08-28 16:15

NVD link : CVE-2024-35328

Mitre link : CVE-2024-35328

CVE.ORG link : CVE-2024-35328

JSON object : View

Products Affected

No product.

CWE

No CWE.