6 matches found
Debian dla-3572 : libyang-cpp-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3572 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3572-1 [email protected]...
CVE-2019-20392
An invalid memory access flaw was discovered in libyang in the function resolvefeaturevalue when an if-feature statement is used inside a list key node and the feature used is not defined. Applications that use libyang to process untrusted input YANG files may crash...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
UBUNTU-CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20392
The CVE-2019-20392 issue affects libyang prior to v1.0-r1, where resolve_feature_value() can take an invalid memory path when an if-feature is used inside a list key node and the feature is not defined. This can cause application crashes when parsing untrusted YANG input. No exploitation details ...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...