Back to overview

CVE-2026-57077

Description
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via an unbounded newline scan in newline_len. In the bundled libsyck newline_len and is_newline dereference the scan pointer, and the following byte for a "\r\n" pair, with no NUL-terminator or bounds check. During block-scalar lexing at a document boundary the scan runs one byte past the heap lexer buffer. This is an incomplete fix of CVE-2025-11683, on a lexer path the earlier fix did not cover. Any caller that runs Load or LoadFile on an untrusted document with a block scalar at a document boundary reaches the over-read.

Metadata

CVE ID
CVE-2026-57077
State
PUBLISHED
Assigner
CPANSec
Reserved
2026-06-23 18:02 UTC
Published
2026-07-16 21:41 UTC
Last updated
2026-07-16 21:41 UTC
Primary CWE
CWE-125
CWE-125 Out-of-bounds Read
Vendor / Product
TODDR / YAML::Syck
Sources
cve.org  ·  NVD

Severity & Metrics

No CVSS data available.

Affected products (1)
VendorProductPlatformVersions
TODDR YAML::Syck 0 < 1.47
Weakness (CWE)
CWESourceDescription
CWE-125 cna CWE-125 Out-of-bounds Read
Back to overview