CVE-2017-11692

HIGH

yaml-cpp < 0.5.3 - Denial of Service via Scanner::peek Token Assertion Failure

Title source: llm
STIX 2.1

Description

The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string.

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/jbeder/yaml-cpp/issues/519
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202007-14

Scores

CVSS v3 7.5
EPSS 0.0225
EPSS Percentile 80.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-617
Status published
Products (1)
yaml-cpp_project/yaml-cpp < 0.5.3
Published Jul 30, 2017
Tracked Since Feb 18, 2026