11 matches found
libyang 安全漏洞
LibYang is an open-source YANG data modeling language parser and toolkit developed in C language by CESNET. Versions of LibYang prior to 5.2.6 contained security vulnerabilities. These vulnerabilities stemmed from a write vulnerability in the lyd parsersetdataflags function, which allowed attacke...
PT-2026-41121
Name of the Vulnerable Software and Affected Versions libyang versions prior to 5.2.15 Description The lyb read string function in src/parser lyb.c contains an integer overflow. This occurs when parsing a maliciously crafted LYB binary blob, leading to a heap buffer overflow. An attacker capable ...
[SECURITY] Fedora 38 Update: libyang-2.1.55-1.fc38
Libyang is YANG data modeling language parser and toolkit written and providing API in C...
libyang: Multiple vulnerabilities
Background YANG data modeling language library. Description Multiple vulnerabilities have been discovered in libyang. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this...
CVE-2021-28904
A flaw was found in libyang. A NULL pointer dereference in extgetplugin function allows a remote attacker to crash an application that uses libyang with user-controlled YANG data. The highest threat from this vulnerability is the service availability...
Libyang has an unspecified vulnerability
libyang is a YANG data modeling language parser and toolkit written in C. It can be used as a toolkit for data modeling. A security vulnerability exists in libyang version 1.0.225 and earlier versions, which originates in lysnodefree, which does not check if the value of revision is NULL. no...
Unspecified vulnerability in libyang (CNVD-2021-37200)
libyang is a YANG data modeling language parser and toolkit written in C. It can be used as a toolkit for data modeling. A security vulnerability exists in libyang v1.0.225 and earlier versions, which stems from the readyincontainer function not checking if the value of retval-extr is NULL. no...
Libyang Stack Overflow Vulnerability
libyang is a YANG data modeling language parser and toolkit written in C. It can be used as a toolkit for data modeling. A security vulnerability exists in libyang version 1.0.225 and earlier versions, which stems from a stack overflow that could lead to a denial of service via the function lysml...
Important: Red Hat Security Advisory: libyang security update
An update for libyang is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: libyang security update
The libyang package provides a library for YANG data modeling language. libyang is a YANG data modelling language parser and toolkit written and providing API in C. The library is used e.g. in libnetconf2, Netopeer2, sysrepo and FRRouting projects. Security Fixes: libyang: stack-based buffer...
Fedora Update for libyang FEDORA-2019-9d83929ffa
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...