Lucene search
+L
Yaml-cpp ProjectYaml-cpp

4 matches found

CVE
CVE
added 2018/12/28 4:0 p.m.93 views

CVE-2018-20574

CVE-2018-20574 affects yaml-cpp (LibYaml-C++) 0.6.2, where the function SingleDocParser::HandleFlowMap can be abused by a crafted YAML file to trigger denial of service (stack consumption and application crash). Public documents corroborate this by listing CVE-2018-20574 in SUSE/openSUSE advisori...

6.5CVSS6AI score0.02536EPSS
CVE
CVE
added 2019/01/14 10:0 p.m.84 views

CVE-2019-6285

CVE-2019-6285 affects yaml-cpp (LibYaml-C++) 0.6.2. The vulnerability exists in SingleDocParser::HandleFlowSequence and can cause denial of service via crafted YAML input (stack consumption and application crash). Multiple advisories from SUSE-Linux and Nessus corroborate this issue within yaml-c...

6.5CVSS6AI score0.02525EPSS
CVE
CVE
added 2019/01/15 12:0 a.m.82 views

CVE-2019-6292

The CVE-2019-6292 issue is a stack exhaustion vulnerability in yaml-cpp (LibYaml-C++) 0.6.2. It occurs in YAML::SingleDocParser due to recursive stack frames in HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, and HandleNode, enabling a remote attacker to trigger a denial-of-servi...

6.5CVSS6.1AI score0.01748EPSS
CVE
CVE
added 2018/12/28 4:0 p.m.80 views

CVE-2018-20573

CVE-2018-20573 affects yaml-cpp (LibYaml-C++) 0.6.2. The vulnerability, in Scanner::EnsureTokensInQueue, allows remote attackers to cause denial of service via a crafted YAML file, consuming stack resources and crashing the application. Connected advisories indicate patches/revisions exist (e.g.,...

6.5CVSS6AI score0.02536EPSS