5 matches found
Debian dla-3572 : libyang-cpp-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3572 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3572-1 [email protected]...
CVE-2019-20397
A double-free flaw occurs in libyang in function yparse when an organization field is not terminated. Applications that use libyang to process untrusted input YANG files may be vulnerable to this flaw, possibly causing a crash or potential code execution...
CVE-2019-20397
A double-free is present in libyang before v1.0-r1 in the function yyparse when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...
CVE-2019-20397
CVE-2019-20397 is a memory corruption flaw in libyang prior to v1.0-r1, caused by a double-free in yyparse() when an organization field is not terminated. This can crash the application or lead to arbitrary code execution if untrusted YANG data is parsed. Upstream details are confirmed, and affec...
CVE-2019-20397
A double-free is present in libyang before v1.0-r1 in the function yyparse when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...