13 matches found

Snyk
added 2026/05/26 4:52 p.m. | 6 views

Use After Free

Overview: Affected versions of this package are vulnerable to Use After Free via the lyd_parser_set_data_flags function. An attacker can cause process crashes or potentially execute arbitrary code by submitting crafted YANG XML documents with specific metadata attributes to applications that parse...

CVSS 7.1 | AI score 6.2 | EPSS 0.00035
Exploits: 0 | References: 2

OSV
added 2026/05/26 3:16 p.m. | 4 views

DEBIAN-CVE-2026-41401

libyang before 5.2.6 contains a heap use-after-free write vulnerability in lyd_parser_set_data_flags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...

CVSS 7.1 | AI score 5.9 | EPSS 0.00035
Exploits: 0 | References: 1

OSV
added 2026/05/26 3:16 p.m. | 2 views

UBUNTU-CVE-2026-41401

libyang before 5.2.6 contains a heap use-after-free write vulnerability in lyd_parser_set_data_flags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...

CVSS 7.1 | AI score 5.9 | EPSS 0.00035
Exploits: 0 | References: 6

CVE
added 2026/05/26 2:8 p.m. | 23 views

CVE-2026-41401

CVE-2026-41401 affects libyang prior to 5.2.6, where a heap-use-after-free occurs in lyd_parser_set_data_flags due to incorrect updates to metadata list pointers when freeing non-head default metadata entries. This can be triggered by submitting crafted YANG XML documents with specific metadata a...

CVSS 7.1 | AI score 5.9 | EPSS 0.00035
Exploits: 0 | References: 4

Cvelist
added 2026/05/26 2:8 p.m. | 33 views

CVE-2026-41401 libyang - Heap Use-After-Free Write in XML Metadata Parsing

libyang before 5.2.6 contains a heap use-after-free write vulnerability in lyd_parser_set_data_flags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...

CVSS 7.1 | EPSS 0.00035
Exploits: 0 | References: 4

Vulnrichment
added 2026/05/26 2:8 p.m. | 7 views

CVE-2026-41401 libyang - Heap Use-After-Free Write in XML Metadata Parsing

libyang before 5.2.6 contains a heap use-after-free write vulnerability in lyd_parser_set_data_flags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...

CVSS 7.1 | AI score 5.9 | EPSS 0.00035
Exploits: 0 | References: 4

Github Security Blog
added 2026/02/02 6:28 p.m. | 4 views

jsPDF Vulnerable to Stored XMP Metadata Injection (Spoofing & Integrity Violation)

Impact: User control of the first argument of the addMetadata function allows users to inject arbitrary XML. If given the possibility to pass unsanitized input to the addMetadata method, a user can inject arbitrary XMP metadata into the generated PDF. If the generated PDF is signed, stored or...

CVSS 6.9 | AI score 5.5 | EPSS 0.00016
Exploits: 1 | References: 5 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-7757

Malware in sbrugna...

CVSS 4.9 | AI score 5.3 | EPSS 0.00235
Exploits: 0 | References: 3

Hacker One
added 2025/09/18 5:25 p.m. | 4 views

U.S. Dept Of Defense: Publicly Accessible CDN Endpoint Exposing XML Metadata (including ETag)

A publicly accessible CDN endpoint was found that returned raw XML listing of stored objects, including metadata such as Key, LastModified, Size, StorageClass, and ETag. The ETag values, which can contain object hashes, were exposed publicly. This configuration allowed reconnaissance of the...

AI score 6.8
Exploits: 0

CNVD
added 2025/03/27 12:0 a.m. | 3 views

lunary cross-site scripting vulnerability (CNVD-2025-08307)

lunary is an open-source production toolkit for LLMs. The lunary cross-site scripting vulnerability stems from a lack of effective filtering and escaping of user-supplied data in the SAML IdP XML metadata; an attacker can use the vulnerability to obtain and modify sensitive...

CVSS 7.3 | AI score 5.8 | EPSS 0.00278
Exploits: 1 | References: 1

OSV
added 2021/04/01 8:15 p.m. | 0 views

UBUNTU-CVE-2021-29421

models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XXE when parsing XMP metadata entries...

CVSS 7.5 | AI score 5.8 | EPSS 0.00265
Exploits: 0 | References: 3

Positive Technologies
added 2021/04/01 12:0 a.m. | 1 views

PT-2021-18202

Name of the Vulnerable Software and Affected Versions: pikepdf versions 1.3.0 through 2.9.2. Description: The issue allows XXE (XML External Entity) attacks when parsing XMP metadata entries in the models/metadata.py file of the pikepdf package for Python. This occurs due to improper handling of XML...

CVSS 8.7 | AI score 7.9 | EPSS 0.00265
Exploits: 0 | References: 27

Prion
added 2020/09/18 2:15 p.m. | 9 views

Server-side request forgery (SSRF)

An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. When configuring Gradle Enterprise to integrate with a SAML identity provider, an XML metadata file can be uploaded by an administrator. The server-side processing of this file dereferences XML External Entities (XXE), allowing a remot...

CVSS 4 | AI score 5.2 | EPSS 0.00235
Exploits: 0 | References: 2 | Affected Software: 1