CVE-2018-20574

Опубликовано: 28 дек. 2018

Источник: debian

Описание

The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
yaml-cpp	fixed	0.6.3-1		package
yaml-cpp	no-dsa		buster	package
yaml-cpp	no-dsa		stretch	package
yaml-cpp	postponed		jessie	package
yaml-cpp0.3	removed			package
yaml-cpp0.3	no-dsa		stretch	package
yaml-cpp0.3	postponed		jessie	package

Примечания

https://github.com/jbeder/yaml-cpp/issues/654

Связанные уязвимости

CVE-2018-20574

CVSS3: 6.5

ubuntu

около 7 лет назад

The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

CVE-2018-20574

CVSS3: 3.7

redhat

около 7 лет назад

The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

CVE-2018-20574

CVSS3: 6.5

nvd

около 7 лет назад

The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

CVE-2018-20574

CVSS3: 6.5

msrc

больше 5 лет назад

The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

GHSA-mj28-fjwp-xqh8

CVSS3: 6.5

github

больше 3 лет назад

The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.