Exploit for Improper Input Validation in Nodeca Js-Yaml_BEC2E52E-1CD0-52EF-9716-9449D93392AB

6.8 / 10

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Description

Doceker bulid 취약환경으로 Docker 환경으로 빌드를 한다. docker build -f cve-2013-4660 -t cve-2013-4660 . 공격 성공 시 서버 내부의 민감 정보가 어떻게 유출되는지 증명하기 위한, 가상의 데이터베이스와 가상 데이터베이스 Password와 AWS 키를 주입하여 컨테이너를 실행한다. sudo docker run -d --name yaml-lab -e...

Visit Original Source

Basic Information

ID BEC2E52E-1CD0-52EF-9716-9449D93392AB

Published Jun 11, 2026 at 09:41

Modified Jun 11, 2026 at 09:47

{
    "lastseen": "2026-06-11T10:00:39",
    "description": "Doceker bulid \ucde8\uc57d\ud658\uacbd\uc73c\ub85c Docker \ud658\uacbd\uc73c\ub85c \ube4c\ub4dc\ub97c \ud55c\ub2e4. docker build -f cve-2013-4660 -t cve-2013-4660 . \uacf5\uaca9 \uc131\uacf5 \uc2dc \uc11c\ubc84 \ub0b4\ubd80\uc758 \ubbfc\uac10 \uc815\ubcf4\uac00 \uc5b4\ub5bb\uac8c \uc720\ucd9c\ub418\ub294\uc9c0 \uc99d\uba85\ud558\uae30 \uc704\ud55c, \uac00\uc0c1\uc758 \ub370\uc774\ud130\ubca0\uc774\uc2a4\uc640 \uac00\uc0c1 \ub370\uc774\ud130\ubca0\uc774\uc2a4 Password\uc640 AWS \ud0a4\ub97c \uc8fc\uc785\ud558\uc5ec \ucee8\ud14c\uc774\ub108\ub97c \uc2e4\ud589\ud55c\ub2e4. sudo docker run -d --name yaml-lab -e...",
    "published": "2026-06-11T09:41:16",
    "modified": "2026-06-11T09:47:01",
    "type": "githubexploit",
    "title": "Exploit for Improper Input Validation in Nodeca Js-Yaml",
    "source": "",
    "references": "",
    "id": "BEC2E52E-1CD0-52EF-9716-9449D93392AB",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2013-4660"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 6.8,
        "severity": "MEDIUM",
        "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
        "version": "2.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/leehunkoo/cve-2013-4660_PoC",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply