cve/2019/CVE-2019-6285.md

CVE-2019-6285

Description

The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.

POC

Reference

• https://github.com/jbeder/yaml-cpp/issues/660

Github

• https://github.com/ICSE2020-MemLock/MemLock_Benchmark
• https://github.com/SZU-SE/MemLock_Benchmark
• https://github.com/SZU-SE/Stack-overflow-Fuzzer-TestSuite
• https://github.com/tzf-key/MemLock_Benchmark
• https://github.com/tzf-omkey/MemLock_Benchmark
• https://github.com/wcventure/MemLock_Benchmark