CVE-2025-40908 Information

Description

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open allowing existing files to be modified

Reference

https://github.com/ingydotnet/yaml-libyaml-pm/issues/120 https://github.com/ingydotnet/yaml-libyaml-pm/pull/121 https://github.com/ingydotnet/yaml-libyaml-pm/pull/122