yaml-cpp_project yaml-cpp の CVE（6 件）

CVE 件数: 6 CPE versions: View versions table

概要

本ページは yaml-cpp_project yaml-cpp に影響する公開済み CVE（NVD の CPE 経由で関連付け）を列挙します。各行に深刻度指標・概要・公開日が含まれます。

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2019-6292	An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.	[email protected]	6.5	1.75%	2019-01-15	2024-11-21
CVE-2019-6285	The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.	[email protected]	6.5	2.53%	2019-01-14	2025-11-03
CVE-2018-20574	The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.	[email protected]	6.5	2.54%	2018-12-28	2025-11-03
CVE-2018-20573	The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.	[email protected]	6.5	2.54%	2018-12-28	2025-11-03
CVE-2017-11692	The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.	[email protected]	7.5	2.25%	2017-07-30	2026-05-13
CVE-2017-5950	The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.	[email protected]	5.5	2.03%	2017-04-03	2026-05-13

cvelogic Threat Intelligence