Yaml-cpp Project Yaml-cpp — known CVE vulnerabilities
Every CVE whose affected-product data names Yaml-cpp Project Yaml-cpp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2017-11692 — CVSS 7.5 (high): The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service…
CVE-2018-20573 — CVSS 6.5 (medium): The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack…
CVE-2018-20574 — CVSS 6.5 (medium): The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack…
CVE-2019-6285 — CVSS 6.5 (medium): The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service…
CVE-2019-6292 — CVSS 6.5 (medium): An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYaml-C++) 0.6.2. Stack Exhaustion occurs in YAML::SingleDocParser, and…
CVE-2017-5950 — CVSS 5.5 (medium): The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.3 allows remote attackers to cause a denial of service (stack…