Fedora 29 : yaml-cpp (2018-27ec51c0dd)

Security fix for CVE-2017-5950. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

Fedora 28 : yaml-cpp (2018-1758d97170)

Security fix for CVE-2017-5950. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 7030...

CVE-2018-20574

The SingleDocParser::HandleFlowMap function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

AZL-7007 CVE-2018-20574 affecting package yaml-cpp for versions less than 0.6.2-6

The SingleDocParser::HandleFlowMap function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

AZL-7006 CVE-2018-20573 affecting package yaml-cpp for versions less than 0.6.2-6

The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

DEBIAN-CVE-2018-20573

The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

CVE-2018-20573

The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

Code injection

The SingleDocParser::HandleFlowMap function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds. The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file. Remediation Upgrade yaml-cp...

CVE-2018-20574

The SingleDocParser::HandleFlowMap function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

CVE-2018-20574

CVE-2018-20574 affects yaml-cpp (LibYaml-C++) 0.6.2, where the function SingleDocParser::HandleFlowMap can be abused by a crafted YAML file to trigger denial of service (stack consumption and application crash). Public documents corroborate this by listing CVE-2018-20574 in SUSE/openSUSE advisori...

CVE-2018-20573

CVE-2018-20573 affects yaml-cpp (LibYaml-C++) 0.6.2. The vulnerability, in Scanner::EnsureTokensInQueue, allows remote attackers to cause denial of service via a crafted YAML file, consuming stack resources and crashing the application. Connected advisories indicate patches/revisions exist (e.g.,...

PT-2018-15443 · Yaml Cpp +2 · Yaml-Cpp +2

Name of the Vulnerable Software and Affected Versions: yaml-cpp version 0.6.2 Description: The issue allows remote attackers to cause a denial of service, resulting in stack consumption and application crash, via a crafted YAML file. This is due to a problem in the Scanner::EnsureTokensInQueue...

UBUNTU-CVE-2018-20337

There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...

Buffer overflow

In all android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver...

PT-2018-3866 · Exiv2 +6 · Exiv2 +6

Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27-RC3 Description: The issue is related to a buffer overflow in the tiffimage int.cpp component of the Exiv2 library, which can lead to a remote denial of service attack when a crafted input is processed. This can cause a SEG...

Google Android out-of-bounds write vulnerability (CNVD-2019-01560)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An out-of-bounds write vulnerability exists in the CAacDecoderInit of the aacdecoder.cpp file in Android version 9, which stems from the program's lack of boundary detection. A...

MGASA-2018-0471 Updated yaml-cpp packages fix security vulnerability

The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.1 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file. CVE-2017-5950...

Updated yaml-cpp packages fix security vulnerability

The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.1 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file. CVE-2017-5950...

CVE-2018-9437

In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0...