EUVD-2021-15557

Malware in sbrugna...

The vulnerability of the ext_get_plugin() function in the syntax analyzer and data modeling tool of YANG Libyang, related to an unvalidated return value, allows a malicious actor to trigger a service failure.

The vulnerability of the extgetplugin function in the syntax analyzer and data modeling tool of the YANG Libyang language is related to the lack of checking for a NULL revision. Exploiting this vulnerability could allow an attacker to cause service failures...

DEBIAN-CVE-2021-28904

In function extgetplugin in libyang = v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmprevision, extpluginsu.revision will lead to a crash...

libyang 安全漏洞

libyang is a YANG data modeling language parser and toolkit written in C. It can be used as a toolkit for data modeling. A security vulnerability exists in libyang v1.0.225 and earlier versions, which stems from a failure to check if the value of revision is NULL in the extgetplugin function.No...

libyang 安全漏洞

libyang is a YANG data modeling language parser and toolkit written in C. It can be used as a toolkit for data modeling. A security vulnerability exists in libyang version 1.0.225 and earlier versions, which originates in readyinleaf, which does not check if the value of revision is NULL. no...

PT-2021-4115 · Libyang +2 · Libyang +2

Name of the Vulnerable Software and Affected Versions: libyang versions prior to 1.0.225 Description: The issue is related to the function ext get plugin in the libyang library, where it fails to check if the revision value is NULL. This oversight can lead to a crash when the strcmp function is...