4 matches found
CVE-2018-20574
CVE-2018-20574 affects yaml-cpp (LibYaml-C++) 0.6.2, where the function SingleDocParser::HandleFlowMap can be abused by a crafted YAML file to trigger denial of service (stack consumption and application crash). Public documents corroborate this by listing CVE-2018-20574 in SUSE/openSUSE advisori...
CVE-2019-6285
CVE-2019-6285 affects yaml-cpp (LibYaml-C++) 0.6.2. The vulnerability exists in SingleDocParser::HandleFlowSequence and can cause denial of service via crafted YAML input (stack consumption and application crash). Multiple advisories from SUSE-Linux and Nessus corroborate this issue within yaml-c...
CVE-2019-6292
The CVE-2019-6292 issue is a stack exhaustion vulnerability in yaml-cpp (LibYaml-C++) 0.6.2. It occurs in YAML::SingleDocParser due to recursive stack frames in HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, and HandleNode, enabling a remote attacker to trigger a denial-of-servi...
CVE-2018-20573
CVE-2018-20573 affects yaml-cpp (LibYaml-C++) 0.6.2. The vulnerability, in Scanner::EnsureTokensInQueue, allows remote attackers to cause denial of service via a crafted YAML file, consuming stack resources and crashing the application. Connected advisories indicate patches/revisions exist (e.g.,...