12 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-28904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In function extgetplugin in libyang = v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmprevision,...
RHEL 8 : libyang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libyang: NULL pointer dereference in readyinleaf CVE-2021-28906 - libyang: NULL pointer dereference via...
SUSE CVE-2021-28904
In function extgetplugin in libyang = v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmprevision, extpluginsu.revision will lead to a crash...
openSUSE: Security Advisory for libyang (SUSE-SU-2022:3245-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:3245-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: libyang-cpp-devel / libyang-cpp1 / libyang-devel / libyang-doc / etc (SUSE-SU-2022:3245-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3245-1 advisory. - CVE-2021-28906: Fixed missing check in readyinleaf that can lead to DoS bsc1186378 - CVE-2021-28904: Fixed missing...
SUSE-SU-2022:3245-1 Security update for libyang
This update for libyang fixes the following issues: - CVE-2021-28906: Fixed missing check in readyinleaf that can lead to DoS bsc1186378 - CVE-2021-28904: Fixed missing check in extgetplugin that lead to DoS bsc1186376. - CVE-2021-28903: Fixed stack overflow in lyxmlparsemem bsc1186375. -...
CVE-2021-28904
In function extgetplugin in libyang = v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmprevision, extpluginsu.revision will lead to a crash...
CVE-2021-28904
In function extgetplugin in libyang = v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmprevision, extpluginsu.revision will lead to a crash...
CVE-2021-28904
In function extgetplugin in libyang = v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmprevision, extpluginsu.revision will lead to a crash...
CVE-2021-28904
CVE-2021-28904 affects libyang up to version 1.0.225. The vulnerability is a NULL-check issue in ext_get_plugin(): if the revision value is NULL, the code path executes strcmp(revision, ext_plugins[u].revision) and can crash. Public sources describe this as a NULL pointer dereference condition in...
CVE-2021-28904
In function extgetplugin in libyang = v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmprevision, extpluginsu.revision will lead to a crash...