MGASA-2018-0471

Source
https://advisories.mageia.org/MGASA-2018-0471.html
Import Source
https://advisories.mageia.org/MGASA-2018-0471.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2018-0471
Related
Published
2018-11-28T20:50:16Z
Modified
2018-11-28T20:25:59Z
Summary
Updated yaml-cpp packages fix security vulnerability
Details

The SingleDocParser::HandleNode function in yaml-cpp (aka LibYaml-C++) 0.5.1 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. (CVE-2017-5950)

References
Credits

Affected packages

Mageia:6 / yaml-cpp

Package

Name
yaml-cpp
Purl
pkg:rpm/mageia/yaml-cpp?distro=mageia-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.5.1-6.1.mga6

Ecosystem specific

{
    "section": "core"
}