Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Mageia 9 perl-YAML-Syck Important Out Of Bounds CVE-2026-5089

mageia
Calendar Grey May 18, 2026
Dist Mageia Esm H88
The perl-YAML-Syck package in Mageia 9 was updated to address a critical out-of-bounds security issue.
MGASA-2026-0148 - Updated perl-YAML-Syck package fixes security vulnerability

Summary

Description: YAML::Syck versions before 1.38 for Perl have an out-of-bounds read.

References

- https://bugs.mageia.org/show_bug.cgi?id=35525

- https://www.openwall.com/lists/oss-security/2026/05/12/16

- https://metacpan.org/release/TODDR/YAML-Syck-1.45/source/Changes

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5089

Resolution

SRPMS

- 9/core/perl-YAML-Syck-1.450.0-1.mga9

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 18 May 2026
URL: https://advisories.mageia.org/MGASA-2026-0148.html
Type: security
CVE: CVE-2026-5089

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here