11 matches found
Denial Of Service (DoS)
libyang.so is vulnerable to denial of service DoS. It is due to the use of if-feature statement inside a list key node without defining the feature used, causing a SIGSEGV signal in the function lysparsepathand crashing the application...
CVE-2019-20392
An invalid memory access flaw was discovered in libyang in the function resolvefeaturevalue when an if-feature statement is used inside a list key node and the feature used is not defined. Applications that use libyang to process untrusted input YANG files may crash...
CVE-2019-20391
An invalid memory access flaw occurs in libyang in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to process untrusted input YANG files may crash...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20391
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash...
Design/Logic Flaw
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20391
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash...
Design/Logic Flaw
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...