SUSE-SU-2023:1740-3 Security update for yaml-cpp

This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue bsc1121227. - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap bsc1121230. - CVE-2019-6285: Fix...

SUSE CVE-2018-20573

The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

SUSE CVE-2018-20574

The SingleDocParser::HandleFlowMap function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

SUSE CVE-2019-6285

The SingleDocParser::HandleFlowSequence function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack consumption and application crash via a crafted YAML file...

Security Bulletin: Multiple security vulnerabilities found in open source code that is shipped with IBM Security Verify Access

Summary Source code scanning has found several open source vulnerabilites in the IBM Security Verify Access product. Verify Access has updated the packages as required. Vulnerability Details CVEID: CVE-2018-20574 DESCRIPTION: yaml-cpp is vulnerable to a denial of service, caused by an error in th...

SUSE-SU-2022:1073-2 Security update for yaml-cpp

This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue bsc1121227. - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap bsc1121230. - CVE-2019-6285: Fix...

CVE-2018-20573 affecting package yaml-cpp for versions less than 0.6.2-6

CVE-2018-20573 affecting package yaml-cpp for versions less than 0.6.2-6. A patched version of the package is available...

CVE-2019-6285 affecting package yaml-cpp for versions less than 0.6.2-6

CVE-2019-6285 affecting package yaml-cpp for versions less than 0.6.2-6. A patched version of the package is available...

CVE-2018-20574 affecting package yaml-cpp for versions less than 0.6.2-6

CVE-2018-20574 affecting package yaml-cpp for versions less than 0.6.2-6. A patched version of the package is available...

CVE-2019-6292 affecting package yaml-cpp for versions less than 0.6.2-6

CVE-2019-6292 affecting package yaml-cpp for versions less than 0.6.2-6. A patched version of the package is available...

openSUSE 15 Security Update : yaml-cpp (openSUSE-SU-2022:1073-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:1073-1 advisory. - The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause a denial of service stack...

SUSE SLED12 / SLES12 Security Update : yaml-cpp (SUSE-SU-2022:1072-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1072-1 advisory. - The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause...

SUSE: Security Advisory (SUSE-SU-2022:1073-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : yaml-cpp (SUSE-SU-2022:1073-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1073-1 advisory. - The Scanner::EnsureTokensInQueue function in yaml-cpp aka LibYaml-C++ 0.6.2 allows remote attackers to cause...

openSUSE: Security Advisory for yaml-cpp (openSUSE-SU-2022:1073-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2022:1073-1 Security update for yaml-cpp

This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue bsc1121227. - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap bsc1121230. - CVE-2019-6285: Fix...

SUSE-SU-2022:1072-1 Security update for yaml-cpp

This update for yaml-cpp fixes the following issues: - CVE-2018-20573: Fixed remote DOS via a crafted YAML file in function Scanner:EnsureTokensInQueue bsc1121227. - CVE-2018-20574: Fixed remote DOS via a crafted YAML file in function SingleDocParser:HandleFlowMap bsc1121230. - CVE-2019-6285: Fix...

Security update for yaml-cpp (moderate)

openSUSE Security Update: Security update for yaml-cpp Announcement ID: openSUSE-SU-2022:1073-1 Rating: moderate References: 1121227 1121230 1122004 1122021 Cross-References: CVE-2018-20573 CVE-2018-20574 CVE-2019-6285 CVE-2019-6292 CVSS scores: CVE-2018-20573 NVD : 6.5...

Mageia: Security Advisory (MGASA-2018-0471)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

...