Lucene search
+L

49 matches found

OSV
OSV
added 2020/01/22 10:15 p.m.4 views

PYSEC-2020-187

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash...

7AI score
Exploits0References4
OSV
OSV
added 2020/01/22 10:15 p.m.6 views

PYSEC-2020-168

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash...

7AI score
Exploits0References4
OSV
OSV
added 2020/01/22 10:15 p.m.1 views

PYSEC-2020-185

A double-free is present in libyang before v1.0-r1 in the function yyparse when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...

7.4AI score
Exploits0References4
OSV
OSV
added 2020/01/22 10:15 p.m.7 views

PYSEC-2020-169

A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lysparsepath parsing...

7AI score
Exploits0References3
OSV
OSV
added 2020/01/22 10:15 p.m.3 views

PYSEC-2020-190

A NULL pointer dereference is present in libyang before v1.0-r3 in the function lysextensioninstancesfree due to a copy of unresolved extensions in lysrestrdup. Applications that use libyang to parse untrusted input yang files may crash...

7AI score
Exploits0References4
OSV
OSV
added 2020/01/22 10:15 p.m.4 views

PYSEC-2020-186

A double-free is present in libyang before v1.0-r3 in the function yyparse when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...

7.4AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/12/06 4:15 p.m.34 views

CVE-2019-19333

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of...

9.8CVSS7.5AI score0.03644EPSS
Exploits0References2
OSV
OSV
added 2019/12/06 4:15 p.m.8 views

PYSEC-2019-101

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a...

9.8CVSS9.9AI score0.0387EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2019/12/06 3:19 p.m.31 views

CVE-2019-19333

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of...

9.8CVSS8.5AI score0.03644EPSS
Exploits0
Rows per page
Query Builder