Alibaba Cloud Linux 3 : 0076: libyang (ALINUX3-SA-2022:0076)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0076 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-19333: In all versions of libyang...

CVE-2019-19334

creationtimestamp| type| source ---|---|--- 2024-03-07 20:11:42+00:00| seen| https://t.me/ctinow/202741...

Oracle Linux 8 : libyang (ELSA-2019-4360)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2019-4360 advisory. - Resolves: 1779573 - CVE-2019-19333 libyang: stack-based buffer overflow in makecanonical when bits leaf type is used Tenable has extracted the...

Fedora Update for libyang FEDORA-2019-dfe0b42bc5

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

libyang security update

0.16.105-3.2 - Related: 1779573 - Fixing a few covscan issues 0.16.105-3.1 - Resolves: 1779573 - CVE-2019-19333 libyang: stack-based buffer overflow in makecanonical when bits leaf type is used - Resolves: 1779576 - CVE-2019-19334 libyang: stack-based buffer overflow in makecanonical when...

Important: Red Hat Security Advisory: libyang security update

An update for libyang is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Important: libyang security update

The libyang package provides a library for YANG data modeling language. libyang is a YANG data modelling language parser and toolkit written and providing API in C. The library is used e.g. in libnetconf2, Netopeer2, sysrepo and FRRouting projects. Security Fixes: libyang: stack-based buffer...

Fedora 30 : libyang (2019-9d83929ffa)

Rebase to version 1.0.101 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

Fedora 31 : libyang (2019-dfe0b42bc5)

Rebase to version 1.0.101 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

CVE-2019-19334

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a...

CVE-2019-19334

CVE-2019-19334 affects libyang prior to 1.0-r5, where parsing YANG files containing a leaf of type identityref can trigger a stack-based buffer overflow. This may allow a remote attacker to cause a denial of service or possibly gain code execution when processing untrusted YANG data. The availabl...