ALSA-2026:6470

See a problem?

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:6470.json

JSON Data

https://api.osv.dev/v1/vulns/ALSA-2026:6470

Related

CVE-2026-4177

Published

2026-04-02T00:00:00Z

Modified

2026-04-07T12:46:15.255429Z

Summary

Important: perl-YAML-Syck security update

Details

This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around.

Security Fix(es):

perl-YAML-Syck: YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter (CVE-2026-4177)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:8 / perl-YAML-Syck

Package

Name: perl-YAML-Syck
Purl: pkg:rpm/almalinux/perl-YAML-Syck

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.30-6.el8_10

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:6470.json"