2 matches found
CVE-2017-5950
yaml-cpp (LibYaml-C++) vulnerability CVE-2017-5950 stems from SingleDocParser::HandleNode and affects 0.5.x series (e.g., 0.5.3). A crafted YAML file can cause stack consumption and application crash (DoS). Remediation per connected advisories: rebuild/upgrade to yaml-cpp 0.6.0 or newer (Fedora 2...
CVE-2017-11692
yaml-cpp vulnerability (CVE-2017-11692) affects version 0.5.3 and earlier. The issue is in Token& Scanner::peek in scanner.cpp, where processing a crafted string like '!2' can trigger a remote denial of service via an assertion failure and application exit. Multiple connected advisories corrobora...