3 matches found
Debian dla-3572 : libyang-cpp-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3572 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3572-1 [email protected]...
CVE-2019-20394
CVE-2019-20394 affects libyang. The vulnerability is a double-free in yyparse() when a type statement is used inside a notification statement, enabling denial of service and potentially code execution if untrusted YANG input is parsed. Public references in the connected documents identify the aff...
CVE-2019-20394
A double-free is present in libyang before v1.0-r3 in the function yyparse when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...