CVE-2019-6292

Published: 15/01/2019 Updated: 24/08/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 385

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

An issue exists in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode. Remote attackers could leverage this vulnerability to cause a denial-of-service via a cpp file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
yaml-cpp project yaml-cpp 0.6.2

Debian Bug report logs - #919430 yaml-cpp: CVE-2019-6292 Package: src:yaml-cpp; Maintainer for src:yaml-cpp is Simon Quigley <tsimonq2@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 15 Jan 2019 20:57:01 UTC Severity: important Tags: security, upstream Found in version yaml-cpp/062-4 ...

Debian Bug report logs - #919432 yaml-cpp: CVE-2019-6285 Package: src:yaml-cpp; Maintainer for src:yaml-cpp is Simon Quigley <tsimonq2@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 15 Jan 2019 21:15:01 UTC Severity: important Tags: security, upstream Found in version yaml-cpp/062-4 ...

An issue was discovered in singledocparsercpp in yaml-cpp (aka LibYaml-C++) 062 Stack Exhaustion occurs in YAML::SingleDocParser, and there is a stack consumption problem caused by recursive stack frames: HandleCompactMap, HandleMap, HandleFlowSequence, HandleSequence, HandleNode Remote attackers could leverage this vulnerability to cause a de ...

CWE-674 https://github.com/jbeder/yaml-cpp/issues/657 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919430

CVE-2019-6292

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect