Vulnerability-Lookup

WID-SEC-W-2026-0939

Vulnerability from csaf_certbund - Published: 2026-03-31 22:00 - Updated: 2026-04-09 22:00

Summary

cPanel cPanel/WHM (perl-YAML-Syck): Schwachstelle ermöglicht Codeausführung und DoS

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: cPanel ist eine Software für die Verwaltung von Webhosting Auftritten. Die Software ermöglicht es dem Endanwender, Statistiken einzusehen, neue Benutzeraccounts anzulegen, Maileinstellungen zu verändern und vieles mehr.

Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in cPanel cPanel/WHM ausnutzen, um potenziell beliebigen Code auszuführen oder einen Denial-of-Service-Zustand zu verursachen.

Betroffene Betriebssysteme: - Linux - UNIX

CVE-2026-4177

References

URL

Category

	https://wid.cert-bund.de/.well-known/csaf/white/2…	self
	https://wid.cert-bund.de/portal/wid/securityadvis…	self
	https://docs.cpanel.net/changelogs/110-change-log/	external
	https://docs.cpanel.net/changelogs/126-change-log/	external
	https://docs.cpanel.net/changelogs/134-change-log/	external
	https://alas.aws.amazon.com/AL2/ALAS2-2026-3216.html	external
	https://access.redhat.com/errata/RHSA-2026:6470	external
	https://docs.cpanel.net/changelogs/136-change-log/	external
	https://lists.debian.org/debian-lts-announce/2026…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "cPanel ist eine Software f\u00fcr die Verwaltung von Webhosting Auftritten. Die Software erm\u00f6glicht es dem Endanwender, Statistiken einzusehen, neue Benutzeraccounts anzulegen, Maileinstellungen zu ver\u00e4ndern und vieles mehr.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in cPanel cPanel/WHM ausnutzen, um potenziell beliebigen Code auszuf\u00fchren oder einen Denial-of-Service-Zustand zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0939 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0939.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0939 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0939"
      },
      {
        "category": "external",
        "summary": "cPanel \u0026 WHM Change Log vom 2026-03-31",
        "url": "https://docs.cpanel.net/changelogs/110-change-log/"
      },
      {
        "category": "external",
        "summary": "cPanel \u0026 WHM Change Log vom 2026-03-31",
        "url": "https://docs.cpanel.net/changelogs/126-change-log/"
      },
      {
        "category": "external",
        "summary": "cPanel \u0026 WHM Change Log vom 2026-03-31",
        "url": "https://docs.cpanel.net/changelogs/134-change-log/"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2-2026-3216 vom 2026-04-01",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3216.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:6470 vom 2026-04-02",
        "url": "https://access.redhat.com/errata/RHSA-2026:6470"
      },
      {
        "category": "external",
        "summary": "cPanel 136 Change Log vom 2026-04-08",
        "url": "https://docs.cpanel.net/changelogs/136-change-log/"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4525 vom 2026-04-09",
        "url": "https://lists.debian.org/debian-lts-announce/2026/04/msg00004.html"
      }
    ],
    "source_lang": "en-US",
    "title": "cPanel cPanel/WHM (perl-YAML-Syck): Schwachstelle erm\u00f6glicht Codeausf\u00fchrung und DoS",
    "tracking": {
      "current_release_date": "2026-04-09T22:00:00.000+00:00",
      "generator": {
        "date": "2026-04-10T07:04:20.403+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2026-0939",
      "initial_release_date": "2026-03-31T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-31T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-04-01T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2026-04-06T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-07T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2026-04-09T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c110.0.93",
                "product": {
                  "name": "cPanel cPanel/WHM \u003c110.0.93",
                  "product_id": "T052327"
                }
              },
              {
                "category": "product_version",
                "name": "110.0.93",
                "product": {
                  "name": "cPanel cPanel/WHM 110.0.93",
                  "product_id": "T052327-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cpanel:cpanel_whm:110.0.93"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c126.0.50",
                "product": {
                  "name": "cPanel cPanel/WHM \u003c126.0.50",
                  "product_id": "T052328"
                }
              },
              {
                "category": "product_version",
                "name": "126.0.50",
                "product": {
                  "name": "cPanel cPanel/WHM 126.0.50",
                  "product_id": "T052328-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cpanel:cpanel_whm:126.0.50"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c134.0.13",
                "product": {
                  "name": "cPanel cPanel/WHM \u003c134.0.13",
                  "product_id": "T052329"
                }
              },
              {
                "category": "product_version",
                "name": "134.0.13",
                "product": {
                  "name": "cPanel cPanel/WHM 134.0.13",
                  "product_id": "T052329-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cpanel:cpanel_whm:134.0.13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c136.0.0",
                "product": {
                  "name": "cPanel cPanel/WHM \u003c136.0.0",
                  "product_id": "T052454"
                }
              },
              {
                "category": "product_version",
                "name": "136.0.0",
                "product": {
                  "name": "cPanel cPanel/WHM 136.0.0",
                  "product_id": "T052454-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cpanel:cpanel_whm:136.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "cPanel/WHM"
          }
        ],
        "category": "vendor",
        "name": "cPanel"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-4177",
      "product_status": {
        "known_affected": [
          "2951",
          "67646",
          "T052328",
          "T052329",
          "T052327",
          "398363",
          "T052454"
        ]
      },
      "release_date": "2026-03-31T22:00:00.000+00:00",
      "title": "CVE-2026-4177"
    }
  ]
}

CVE-2026-4177 (GCVE-0-2026-4177)

Vulnerability from cvelistv5 – Published: 2026-03-16 22:30 – Updated: 2026-03-17 14:04

Title

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter

Summary

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n->type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return.

Severity ?

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE

CWE-122 - Heap-based Buffer Overflow

Assigner

CPANSec

References

URL

Tags

	https://github.com/cpan-authors/YAML-Syck/commit/…	patch
	https://metacpan.org/release/TODDR/YAML-Syck-1.37…	release-notes

Impacted products

	Vendor	Product	Version
	TODDR	YAML::Syck	Affected: 0 , ≤ 1.36 (custom)

Credits

Todd Rinaldo

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-03-17T01:34:04.213Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/03/16/6"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-4177",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-17T14:04:29.127464Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-17T14:04:53.600Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://cpan.org/modules",
          "defaultStatus": "unaffected",
          "packageName": "YAML-Syck",
          "product": "YAML::Syck",
          "programFiles": [
            "emitter.c",
            "handler.c",
            "perl_common.h",
            "perl_syck.h"
          ],
          "programRoutines": [
            {
              "name": "YAML::Syck::yaml_syck_emitter_handler()"
            },
            {
              "name": "YAML::Syck::syck_base64dec()"
            },
            {
              "name": "YAML::Syck::yaml_syck_parser_handler()"
            },
            {
              "name": "YAML::Syck::syck_hdlr_add_anchor()"
            }
          ],
          "repo": "https://github.com/cpan-authors/YAML-Syck",
          "vendor": "TODDR",
          "versions": [
            {
              "lessThanOrEqual": "1.36",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Todd Rinaldo"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter.\n\nThe heap overflow occurs when class names exceed the initial 512-byte allocation.\n\nThe base64 decoder could read past the buffer end on trailing newlines.\n\nstrtok mutated n-\u003etype_id in place, corrupting shared node data.\n\nA memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string \u0027a\u0027 was leaked on early return."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-16T22:30:25.367Z",
        "orgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
        "shortName": "CPANSec"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/cpan-authors/YAML-Syck/commit/e8844a31c8cf0052914b198fc784ed4e6b8ae69e.patch"
        },
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://metacpan.org/release/TODDR/YAML-Syck-1.37_01/changes#L21"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to version 1.37 or higher."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter",
      "x_generator": {
        "engine": "cpansec-cna-tool 0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9b29abf9-4ab0-4765-b253-1875cd9b441e",
    "assignerShortName": "CPANSec",
    "cveId": "CVE-2026-4177",
    "datePublished": "2026-03-16T22:30:25.367Z",
    "dateReserved": "2026-03-14T19:36:56.710Z",
    "dateUpdated": "2026-03-17T14:04:53.600Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2026-0939

CVE-2026-4177 (GCVE-0-2026-4177)

Tags

Sightings

Nomenclature