CVE-2024-35325

Name of the Vulnerable Software and Affected Versions libyaml versions up to 0.2.5

Description A vulnerability was found in libyaml, affecting the function yaml event delete of the file /src/libyaml/src/api.c. The manipulation leads to a double-free.

Recommendations For libyaml versions up to 0.2.5, consider disabling the yaml event delete function as a temporary workaround until a patch is available. Restrict access to the affected file /src/libyaml/src/api.c to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.