Code Execution via Unsafe YAML Loading in scripts/grep-excuses.pl in Debian devscripts

Code Execution via Unsafe YAML Loading in scripts/grep-excuses.pl in Debian devscripts

CVE-2018-13043 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

Learn more about our Cis Benchmark Audit For Debian Linux.