Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-40908

Summary
Assigner-CPANSec
Assigner Org ID-9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At-01 Jun, 2025 | 13:41
Updated At-02 Jun, 2025 | 03:22
Rejected At-
Credits

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:CPANSec
Assigner Org ID:9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At:01 Jun, 2025 | 13:41
Updated At:02 Jun, 2025 | 03:22
Rejected At:
▼CVE Numbering Authority (CNA)
YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

Affected Products
Vendor
TINITA
Product
YAML::LibYAML
Collection URL
https://cpan.org/modules
Package Name
YAML-LibYAML
Repo
https://github.com/ingydotnet/yaml-libyaml-pm
Program Files
  • lib/YAML/XS.pm
Default Status
unaffected
Versions
Affected
  • From 0 before 0.903.0 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-552CWE-552 Files or Directories Accessible to External Parties
Type: CWE
CWE ID: CWE-552
Description: CWE-552 Files or Directories Accessible to External Parties
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-23CAPEC-23 File Content Injection
CAPEC ID: CAPEC-23
Description: CAPEC-23 File Content Injection
Solutions
Configurations
Workarounds
Exploits
Credits
finder
@shlomif (Shlomi Fish)
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/ingydotnet/yaml-libyaml-pm/issues/120
issue-tracking
https://github.com/ingydotnet/yaml-libyaml-pm/pull/121
patch
https://github.com/ingydotnet/yaml-libyaml-pm/pull/122
patch
Hyperlink: https://github.com/ingydotnet/yaml-libyaml-pm/issues/120
Resource:
issue-tracking
Hyperlink: https://github.com/ingydotnet/yaml-libyaml-pm/pull/121
Resource:
patch
Hyperlink: https://github.com/ingydotnet/yaml-libyaml-pm/pull/122
Resource:
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:9b29abf9-4ab0-4765-b253-1875cd9b441e
Published At:01 Jun, 2025 | 14:15
Updated At:02 Jul, 2025 | 15:43

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Type: Secondary
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CPE Matches
ingydotnet
ingydotnet
>>yaml-libyaml>>Versions before 0.903.0(exclusive)
cpe:2.3:a:ingydotnet:yaml-libyaml:*:*:*:*:*:perl:*:*
Weaknesses
CWE IDTypeSource
CWE-552Secondary9b29abf9-4ab0-4765-b253-1875cd9b441e
CWE ID: CWE-552
Type: Secondary
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/ingydotnet/yaml-libyaml-pm/issues/1209b29abf9-4ab0-4765-b253-1875cd9b441e
Exploit
Issue Tracking
https://github.com/ingydotnet/yaml-libyaml-pm/pull/1219b29abf9-4ab0-4765-b253-1875cd9b441e
Issue Tracking
Patch
https://github.com/ingydotnet/yaml-libyaml-pm/pull/1229b29abf9-4ab0-4765-b253-1875cd9b441e
Issue Tracking
Patch
Hyperlink: https://github.com/ingydotnet/yaml-libyaml-pm/issues/120
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource:
Exploit
Issue Tracking
Hyperlink: https://github.com/ingydotnet/yaml-libyaml-pm/pull/121
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource:
Issue Tracking
Patch
Hyperlink: https://github.com/ingydotnet/yaml-libyaml-pm/pull/122
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource:
Issue Tracking
Patch

Change History

0
Information is not available yet

Similar CVEs

2Records found
CVE-2024-48864
Matching Score-4
Assigner-QNAP Systems, Inc.
ShareView Details
Matching Score-4
Assigner-QNAP Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.12% / 30.45%
||
7 Day CHG~0.00%
Published-07 Mar, 2025 | 16:12
Updated-19 Sep, 2025 | 17:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
File Station 5

A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers to read/write files or directories. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4741 and later

Action-Not Available
Vendor-QNAP Systems, Inc.
Product-file_stationFile Station 5
CWE ID-CWE-552
Files or Directories Accessible to External Parties
CVE-2020-15175
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.4||HIGH
EPSS-12.90% / 93.91%
||
7 Day CHG~0.00%
Published-07 Oct, 2020 | 18:45
Updated-04 Aug, 2024 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unauthenticated File Deletion in GLPI

In GLPI before version 9.5.2, the `​pluginimage.send.php​` endpoint allows a user to specify an image from a plugin. The parameters can be maliciously crafted to instead delete the .htaccess file for the files directory. Any user becomes able to read all the files and folders contained in “/files/”. Some of the sensitive information that is compromised are the user sessions, logs, and more. An attacker would be able to get the Administrators session token and use that to authenticate. The issue is patched in version 9.5.2.

Action-Not Available
Vendor-GLPI Project
Product-glpiglpi
CWE ID-CWE-552
Files or Directories Accessible to External Parties
Details not found