CVE-2019-20396

2020-01-23T09:39:51
ID RH:CVE-2019-20396
Type redhatcve
Reporter redhat.com
Modified 2021-10-28T14:44:13

Description

A heap-based buffer over-read flaw occurs in libyang in function lys_type_free() due to a malformed pattern statement value. Applications that use libyang to process untrusted input yang files may be vulnerable to this flaw, possibly causing a crash or information leaks.