{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-40908", "assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "state": "PUBLISHED", "assignerShortName": "CPANSec", "dateReserved": "2025-04-16T09:05:34.360Z", "datePublished": "2025-06-01T13:41:48.168Z", "dateUpdated": "2025-06-02T03:22:25.333Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://cpan.org/modules", "defaultStatus": "unaffected", "packageName": "YAML-LibYAML", "product": "YAML::LibYAML", "programFiles": ["lib/YAML/XS.pm"], "repo": "https://github.com/ingydotnet/yaml-libyaml-pm", "vendor": "TINITA", "versions": [{"lessThan": "0.903.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "@shlomif (Shlomi Fish)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified<br>"}], "value": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified"}], "impacts": [{"capecId": "CAPEC-23", "descriptions": [{"lang": "en", "value": "CAPEC-23 File Content Injection"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "shortName": "CPANSec", "dateUpdated": "2025-06-01T13:41:48.168Z"}, "references": [{"tags": ["issue-tracking"], "url": "https://github.com/ingydotnet/yaml-libyaml-pm/issues/120"}, {"tags": ["patch"], "url": "https://github.com/ingydotnet/yaml-libyaml-pm/pull/121"}, {"tags": ["patch"], "url": "https://github.com/ingydotnet/yaml-libyaml-pm/pull/122"}], "source": {"discovery": "INTERNAL"}, "title": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-06-02T03:22:02.219115Z", "id": "CVE-2025-40908", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-02T03:22:25.333Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-40908", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-02T03:22:02.219115Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-02T03:22:20.353Z"}}], "cna": {"title": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified", "source": {"discovery": "INTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "@shlomif (Shlomi Fish)"}], "impacts": [{"capecId": "CAPEC-23", "descriptions": [{"lang": "en", "value": "CAPEC-23 File Content Injection"}]}], "affected": [{"repo": "https://github.com/ingydotnet/yaml-libyaml-pm", "vendor": "TINITA", "product": "YAML::LibYAML", "versions": [{"status": "affected", "version": "0", "lessThan": "0.903.0", "versionType": "custom"}], "packageName": "YAML-LibYAML", "programFiles": ["lib/YAML/XS.pm"], "collectionURL": "https://cpan.org/modules", "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/ingydotnet/yaml-libyaml-pm/issues/120", "tags": ["issue-tracking"]}, {"url": "https://github.com/ingydotnet/yaml-libyaml-pm/pull/121", "tags": ["patch"]}, {"url": "https://github.com/ingydotnet/yaml-libyaml-pm/pull/122", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified", "supportingMedia": [{"type": "text/html", "value": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-552", "description": "CWE-552 Files or Directories Accessible to External Parties"}]}], "providerMetadata": {"orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "shortName": "CPANSec", "dateUpdated": "2025-06-01T13:41:48.168Z"}}}, "cveMetadata": {"cveId": "CVE-2025-40908", "state": "PUBLISHED", "dateUpdated": "2025-06-02T03:22:25.333Z", "dateReserved": "2025-04-16T09:05:34.360Z", "assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "datePublished": "2025-06-01T13:41:48.168Z", "assignerShortName": "CPANSec"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified"}], "id": "CVE-2025-40908", "lastModified": "2025-06-02T17:32:17.397", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-06-01T14:15:21.113", "references": [{"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://github.com/ingydotnet/yaml-libyaml-pm/issues/120"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://github.com/ingydotnet/yaml-libyaml-pm/pull/121"}, {"source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "url": "https://github.com/ingydotnet/yaml-libyaml-pm/pull/122"}], "sourceIdentifier": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "9b29abf9-4ab0-4765-b253-1875cd9b441e", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:9329", "cpe": "cpe:/a:redhat:enterprise_linux:8::crb", "package": "perl-YAML-LibYAML-1:0.70-2.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9330", "cpe": "cpe:/a:redhat:enterprise_linux:9::crb", "package": "perl-YAML-LibYAML-1:0.82-6.1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9338", "cpe": "cpe:/a:redhat:rhel_eus:9.4::crb", "package": "perl-YAML-LibYAML-1:0.82-6.el9_4.1", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-06-23T00:00:00Z"}], "bugzilla": {"description": "yaml-libyaml: LibYAML Perl File Modification Vulnerability", "id": "2369630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369630"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-552", "details": ["YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified", "A flaw was found in yaml-libyaml. The component uses a two-argument `open` function when parsing YAML files, which allows an attacker to modify existing files on the system. This flaw allows a local attacker to provide a crafted YAML file as input. This issue can result in unauthorized modification of files."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-40908", "public_date": "2025-06-01T13:41:48Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-40908\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-40908\nhttps://github.com/ingydotnet/yaml-libyaml-pm/issues/120\nhttps://github.com/ingydotnet/yaml-libyaml-pm/pull/121\nhttps://github.com/ingydotnet/yaml-libyaml-pm/pull/122"], "threat_severity": "Important"}