Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-11692

Опубликовано: 28 июл. 2017
Источник: redhat
CVSS3: 5.9
EPSS Низкий

Описание

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

Отчет

Red Hat Satellite 6.5 ship yaml-cpp however has been rated as a security impact of Low, product version Satellite 6.6 onward is not affected. Satellite 6.5 is in Maintenance Support phase of the product life cycle and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 6 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)yaml-cppWill not fix
Red Hat OpenStack Platform 10 (Newton)yaml-cppWill not fix
Red Hat OpenStack Platform 11 (Ocata)yaml-cppWill not fix
Red Hat OpenStack Platform 12 (Pike)yaml-cppWill not fix
Red Hat OpenStack Platform 8 (Liberty)yaml-cppWill not fix
Red Hat OpenStack Platform 9 (Mitaka)yaml-cppWill not fix
Red Hat Satellite 6yaml-cppWill not fix
Red Hat Software Collectionsrh-mongodb26-yaml-cppWill not fix
Red Hat Software Collectionsrh-mongodb30upg-yaml-cppWill not fix
Red Hat Software Collectionsrh-mongodb32-yaml-cppWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-617
https://bugzilla.redhat.com/show_bug.cgi?id=1477074yaml-cpp: assertion failure in Token& Scanner::peek function

EPSS

Процентиль: 70%
0.00637
Низкий

5.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-11692

CVSS3: 7.5
ubuntu
больше 8 лет назад

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

nvd логотип

CVE-2017-11692

CVSS3: 7.5
nvd
больше 8 лет назад

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

debian логотип

CVE-2017-11692

CVSS3: 7.5
debian
больше 8 лет назад

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 a ...

github логотип

GHSA-cmh2-2g79-cxcq

CVSS3: 7.5
github
больше 3 лет назад

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

fstec логотип

BDU:2025-12517

CVSS3: 7.5
fstec
больше 8 лет назад

Уязвимость функции Token& Scanner::peek компонента scanner.cpp библиотеки для работы с YAML на C++ Yaml-cpp, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 70%
0.00637
Низкий

5.9 Medium

CVSS3