Overview

CVE-2014-9130 - LibYAML vulnerability could allow denial of service

  • Posted April 28, 2015

  • Assessed Risk Level: Low

A flaw in the libyaml library’s parsing of wrapped strings could allow an attacker to cause a denial of service by loading a specially crafted YAML document.

CVSS v2 Score: 3.2

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C

Status:

Affected Software Versions:

  • Puppet Enterprise 3.x

Resolved in:

  • Puppet Enterprise 3.8.0