Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-rj4z-edkc-pbdw

Summary security update

Aliases

alias	CVE-2014-9130

Fixed_packages

url	pkg:apk/alpine/yaml@0.1.6-r1?arch=armhf&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/yaml@0.1.6-r1?arch=armhf&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/yaml@0.1.6-r1%3Farch=armhf&distroversion=v3.4&reponame=main

url	pkg:apk/alpine/yaml@0.1.6-r1?arch=x86&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/yaml@0.1.6-r1?arch=x86&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/yaml@0.1.6-r1%3Farch=x86&distroversion=v3.4&reponame=main

url	pkg:apk/alpine/yaml@0.1.6-r1?arch=x86_64&distroversion=v3.4&reponame=main
purl	pkg:apk/alpine/yaml@0.1.6-r1?arch=x86_64&distroversion=v3.4&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/yaml@0.1.6-r1%3Farch=x86_64&distroversion=v3.4&reponame=main

url pkg:deb/debian/libyaml@0.1.4-2%2Bdeb7u5

purl pkg:deb/debian/libyaml@0.1.4-2%2Bdeb7u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.1.4-2%252Bdeb7u5

url	pkg:deb/debian/libyaml@0.1.6-3?distro=trixie
purl	pkg:deb/debian/libyaml@0.1.6-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.1.6-3%3Fdistro=trixie

url	pkg:deb/debian/libyaml@0.1.6-3
purl	pkg:deb/debian/libyaml@0.1.6-3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.1.6-3

url	pkg:deb/debian/libyaml@0.2.2-1?distro=trixie
purl	pkg:deb/debian/libyaml@0.2.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.2.2-1%3Fdistro=trixie

url	pkg:deb/debian/libyaml@0.2.5-1?distro=trixie
purl	pkg:deb/debian/libyaml@0.2.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.2.5-1%3Fdistro=trixie

url	pkg:deb/debian/libyaml@0.2.5-2?distro=trixie
purl	pkg:deb/debian/libyaml@0.2.5-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.2.5-2%3Fdistro=trixie

url pkg:deb/debian/libyaml-libyaml-perl@0.38-3%2Bdeb7u3

purl pkg:deb/debian/libyaml-libyaml-perl@0.38-3%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.38-3%252Bdeb7u3

url	pkg:deb/debian/libyaml-libyaml-perl@0.41-6?distro=trixie
purl	pkg:deb/debian/libyaml-libyaml-perl@0.41-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.41-6%3Fdistro=trixie

url	pkg:deb/debian/libyaml-libyaml-perl@0.41-6
purl	pkg:deb/debian/libyaml-libyaml-perl@0.41-6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.41-6

url pkg:deb/debian/libyaml-libyaml-perl@0.82%2Brepack-1?distro=trixie

purl pkg:deb/debian/libyaml-libyaml-perl@0.82%2Brepack-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6zxb-1pvy-yqcp

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.82%252Brepack-1%3Fdistro=trixie

url	pkg:deb/debian/libyaml-libyaml-perl@0.86%2Bds-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libyaml-libyaml-perl@0.86%2Bds-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.86%252Bds-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libyaml-libyaml-perl@0.903.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/libyaml-libyaml-perl@0.903.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.903.0%252Bds-1%3Fdistro=trixie

url	pkg:deb/debian/libyaml-libyaml-perl@0.904.0%2Bds-1?distro=trixie
purl	pkg:deb/debian/libyaml-libyaml-perl@0.904.0%2Bds-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.904.0%252Bds-1%3Fdistro=trixie

url pkg:deb/debian/pyyaml@3.10-4%2Bdeb7u1

purl pkg:deb/debian/pyyaml@3.10-4%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1d4s-2baq-wuhk

vulnerability	VCID-2wh2-rac2-53ax

vulnerability	VCID-hrtt-vfbb-87bf

vulnerability	VCID-rj4z-edkc-pbdw

vulnerability	VCID-tk2n-xsk7-aqb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@3.10-4%252Bdeb7u1

url	pkg:deb/debian/pyyaml@3.11-2?distro=trixie
purl	pkg:deb/debian/pyyaml@3.11-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@3.11-2%3Fdistro=trixie

url pkg:deb/debian/pyyaml@3.11-2

purl pkg:deb/debian/pyyaml@3.11-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1d4s-2baq-wuhk

vulnerability	VCID-2wh2-rac2-53ax

vulnerability	VCID-hrtt-vfbb-87bf

vulnerability	VCID-tk2n-xsk7-aqb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@3.11-2

url	pkg:deb/debian/pyyaml@5.3.1-5?distro=trixie
purl	pkg:deb/debian/pyyaml@5.3.1-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@5.3.1-5%3Fdistro=trixie

url	pkg:deb/debian/pyyaml@6.0-3?distro=trixie
purl	pkg:deb/debian/pyyaml@6.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@6.0-3%3Fdistro=trixie

url	pkg:deb/debian/pyyaml@6.0.2-1?distro=trixie
purl	pkg:deb/debian/pyyaml@6.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@6.0.2-1%3Fdistro=trixie

url	pkg:deb/debian/pyyaml@6.0.3-1?distro=trixie
purl	pkg:deb/debian/pyyaml@6.0.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@6.0.3-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/libyaml@0.1.1-1

purl pkg:deb/debian/libyaml@0.1.1-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.1.1-1

url pkg:deb/debian/libyaml@0.1.3-1%2Bdeb6u4

purl pkg:deb/debian/libyaml@0.1.3-1%2Bdeb6u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.1.3-1%252Bdeb6u4

url pkg:deb/debian/libyaml@0.1.3-1%2Bdeb6u5

purl pkg:deb/debian/libyaml@0.1.3-1%2Bdeb6u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.1.3-1%252Bdeb6u5

url pkg:deb/debian/libyaml@0.1.4-2%2Bdeb7u5

purl pkg:deb/debian/libyaml@0.1.4-2%2Bdeb7u5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml@0.1.4-2%252Bdeb7u5

url pkg:deb/debian/libyaml-libyaml-perl@0.33-1%2Bsqueeze3

purl pkg:deb/debian/libyaml-libyaml-perl@0.33-1%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gya-adz6-2qgf

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.33-1%252Bsqueeze3

url pkg:deb/debian/libyaml-libyaml-perl@0.33-1%2Bsqueeze4

purl pkg:deb/debian/libyaml-libyaml-perl@0.33-1%2Bsqueeze4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2gya-adz6-2qgf

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.33-1%252Bsqueeze4

url pkg:deb/debian/libyaml-libyaml-perl@0.38-3%2Bdeb7u3

purl pkg:deb/debian/libyaml-libyaml-perl@0.38-3%2Bdeb7u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ft98-s9x5-byev

vulnerability	VCID-pkg9-61ah-kbex

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libyaml-libyaml-perl@0.38-3%252Bdeb7u3

url pkg:deb/debian/pyyaml@3.05-2

purl pkg:deb/debian/pyyaml@3.05-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1d4s-2baq-wuhk

vulnerability	VCID-2wh2-rac2-53ax

vulnerability	VCID-hrtt-vfbb-87bf

vulnerability	VCID-rj4z-edkc-pbdw

vulnerability	VCID-tk2n-xsk7-aqb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@3.05-2

url pkg:deb/debian/pyyaml@3.09-5

purl pkg:deb/debian/pyyaml@3.09-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1d4s-2baq-wuhk

vulnerability	VCID-2wh2-rac2-53ax

vulnerability	VCID-hrtt-vfbb-87bf

vulnerability	VCID-rj4z-edkc-pbdw

vulnerability	VCID-tk2n-xsk7-aqb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@3.09-5

url pkg:deb/debian/pyyaml@3.09-5%2Bdeb6u1

purl pkg:deb/debian/pyyaml@3.09-5%2Bdeb6u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1d4s-2baq-wuhk

vulnerability	VCID-2wh2-rac2-53ax

vulnerability	VCID-hrtt-vfbb-87bf

vulnerability	VCID-rj4z-edkc-pbdw

vulnerability	VCID-tk2n-xsk7-aqb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@3.09-5%252Bdeb6u1

url pkg:deb/debian/pyyaml@3.10-4%2Bdeb7u1

purl pkg:deb/debian/pyyaml@3.10-4%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1d4s-2baq-wuhk

vulnerability	VCID-2wh2-rac2-53ax

vulnerability	VCID-hrtt-vfbb-87bf

vulnerability	VCID-rj4z-edkc-pbdw

vulnerability	VCID-tk2n-xsk7-aqb9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pyyaml@3.10-4%252Bdeb7u1

url pkg:rpm/redhat/libyaml@0.1.3-4?arch=el6_6

purl pkg:rpm/redhat/libyaml@0.1.3-4?arch=el6_6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libyaml@0.1.3-4%3Farch=el6_6

url pkg:rpm/redhat/libyaml@0.1.4-11?arch=el7_0

purl pkg:rpm/redhat/libyaml@0.1.4-11?arch=el7_0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-rj4z-edkc-pbdw

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libyaml@0.1.4-11%3Farch=el7_0

References

reference_url	http://advisories.mageia.org/MGASA-2014-0508.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2014-0508.html

reference_url	http://linux.oracle.com/errata/ELSA-2015-0100.html
reference_id
reference_type
scores
url	http://linux.oracle.com/errata/ELSA-2015-0100.html

reference_url	http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-0100.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-0100.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-0112.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-0112.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-0260.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-0260.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9130.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9130.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9130

reference_id

reference_type

scores

value	0.54847
scoring_system	epss
scoring_elements	0.98049
published_at	2026-04-21T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.98027
published_at	2026-04-01T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.98031
published_at	2026-04-02T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.98034
published_at	2026-04-04T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.98035
published_at	2026-04-07T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.9804
published_at	2026-04-09T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.98045
published_at	2026-04-11T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.98046
published_at	2026-04-12T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.98047
published_at	2026-04-13T12:55:00Z

value	0.54847
scoring_system	epss
scoring_elements	0.98052
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9130

reference_url	https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
reference_id
reference_type
scores
url	https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2

reference_url	https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
reference_id
reference_type
scores
url	https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130

reference_url	http://secunia.com/advisories/59947
reference_id
reference_type
scores
url	http://secunia.com/advisories/59947

reference_url	http://secunia.com/advisories/60944
reference_id
reference_type
scores
url	http://secunia.com/advisories/60944

reference_url	http://secunia.com/advisories/62164
reference_id
reference_type
scores
url	http://secunia.com/advisories/62164

reference_url	http://secunia.com/advisories/62174
reference_id
reference_type
scores
url	http://secunia.com/advisories/62174

reference_url	http://secunia.com/advisories/62176
reference_id
reference_type
scores
url	http://secunia.com/advisories/62176

reference_url	http://secunia.com/advisories/62705
reference_id
reference_type
scores
url	http://secunia.com/advisories/62705

reference_url	http://secunia.com/advisories/62723
reference_id
reference_type
scores
url	http://secunia.com/advisories/62723

reference_url	http://secunia.com/advisories/62774
reference_id
reference_type
scores
url	http://secunia.com/advisories/62774

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/99047
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/99047

reference_url	https://puppet.com/security/cve/cve-2014-9130
reference_id
reference_type
scores
url	https://puppet.com/security/cve/cve-2014-9130

reference_url	http://www.debian.org/security/2014/dsa-3102
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3102

reference_url	http://www.debian.org/security/2014/dsa-3103
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3103

reference_url	http://www.debian.org/security/2014/dsa-3115
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3115

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:242
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2014:242

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2015:060
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2015:060

reference_url	http://www.openwall.com/lists/oss-security/2014/11/28/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/11/28/1

reference_url	http://www.openwall.com/lists/oss-security/2014/11/28/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/11/28/8

reference_url	http://www.openwall.com/lists/oss-security/2014/11/29/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/11/29/3

reference_url	http://www.securityfocus.com/bid/71349
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/71349

reference_url	http://www.ubuntu.com/usn/USN-2461-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2461-1

reference_url	http://www.ubuntu.com/usn/USN-2461-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2461-2

reference_url	http://www.ubuntu.com/usn/USN-2461-3
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2461-3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1169369
reference_id	1169369
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1169369

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771365
reference_id	771365
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771365

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771366
reference_id	771366
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771366

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772815
reference_id	772815
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772815

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pyyaml:libyaml:0.1.5:::::::*
reference_id	cpe:2.3:a:pyyaml:libyaml:0.1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pyyaml:libyaml:0.1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pyyaml:libyaml:0.1.6:::::::*
reference_id	cpe:2.3:a:pyyaml:libyaml:0.1.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pyyaml:libyaml:0.1.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-9130

reference_id

CVE-2014-9130

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-9130

reference_url	https://access.redhat.com/errata/RHSA-2015:0100
reference_id	RHSA-2015:0100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0100

reference_url	https://access.redhat.com/errata/RHSA-2015:0112
reference_id	RHSA-2015:0112
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0112

reference_url	https://access.redhat.com/errata/RHSA-2015:0260
reference_id	RHSA-2015:0260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0260

reference_url	https://usn.ubuntu.com/2461-1/
reference_id	USN-2461-1
reference_type
scores
url	https://usn.ubuntu.com/2461-1/

reference_url	https://usn.ubuntu.com/2461-2/
reference_id	USN-2461-2
reference_type
scores
url	https://usn.ubuntu.com/2461-2/

reference_url	https://usn.ubuntu.com/2461-3/
reference_id	USN-2461-3
reference_type
scores
url	https://usn.ubuntu.com/2461-3/

Weaknesses

cwe_id	617
name	Reachable Assertion
description	The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Exploits

Severity_range_score 5.0 - 5.0

Exploitability 0.5

Weighted_severity 4.5

Risk_score 2.2

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rj4z-edkc-pbdw

Vulnerability Instance