Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Installer Updates 15 SP2 package yaml-cpp, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2018-20573 — CVSS 6.5 (medium): The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack…
CVE-2018-20574 — CVSS 6.5 (medium): The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack…
CVE-2019-6285 — CVSS 6.5 (medium): The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service…
CVE-2019-6292 — CVSS 6.5 (medium): An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and…