20 matches found
Security Bulletin: Multiple Security Vulnerabilities were identified in IBM Security Verify Access.
Summary There were multiple Security Vulnerabilities that were reported against IBM Security Verify Access. These have been addressed in IBM Security Verify Access 10.0.7.0 Vulnerability Details CVEID:CVE-2023-21968 DESCRIPTION: An unspecified vulnerability in Oracle Java SE and GraalVM Enterpris...
CVE-2019-6285
The SingleDocParser::HandleFlowSequence function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2019-6292
The CVE-2019-6292 issue is a stack exhaustion vulnerability in yaml-cpp (LibYaml-C++) 0.6.2. It occurs in YAML::SingleDocParser due to recursive stack frames in HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, and HandleNode, enabling a remote attacker to trigger a denial-of-servi...
CVE-2019-6285
The SingleDocParser::HandleFlowSequence function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2019-6285
The SingleDocParser::HandleFlowSequence function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2019-6285
CVE-2019-6285 affects yaml-cpp (LibYaml-C++) 0.6.2. The vulnerability exists in SingleDocParser::HandleFlowSequence and can cause denial of service via crafted YAML input (stack consumption and application crash). Multiple advisories from SUSE-Linux and Nessus corroborate this issue within yaml-c...
CVE-2019-6285
The SingleDocParser::HandleFlowSequence function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2019-6285
The SingleDocParser::HandleFlowSequence function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2018-20573
The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2018-20574
The SingleDocParser::HandleFlowMap function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
Code injection
The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2018-20573
The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2018-20573
The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2018-20573
CVE-2018-20573 affects yaml-cpp (LibYaml-C++) 0.6.2. The vulnerability, in Scanner::EnsureTokensInQueue, allows remote attackers to cause denial of service via a crafted YAML file, consuming stack resources and crashing the application. Connected advisories indicate patches/revisions exist (e.g.,...
CVE-2018-20574
CVE-2018-20574 affects yaml-cpp (LibYaml-C++) 0.6.2, where the function SingleDocParser::HandleFlowMap can be abused by a crafted YAML file to trigger denial of service (stack consumption and application crash). Public documents corroborate this by listing CVE-2018-20574 in SUSE/openSUSE advisori...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
Code injection
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2017-5950
The SingleDocParser::HandleNode function in yaml-cpp aka LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...
CVE-2017-5950
yaml-cpp (LibYaml-C++) vulnerability CVE-2017-5950 stems from SingleDocParser::HandleNode and affects 0.5.x series (e.g., 0.5.3). A crafted YAML file can cause stack consumption and application crash (DoS). Remediation per connected advisories: rebuild/upgrade to yaml-cpp 0.6.0 or newer (Fedora 2...