The function “Token& Scanner::peek” in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a ‘!2’ string.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11692
Reference (s):
- GENTOO:GLSA-202007-14
- URL: https://security.gentoo.org/glsa/202007-14
- https://github.com/jbeder/yaml-cpp/issues/519