6 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-20398
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference is present in libyang before v1.0-r3 in the function lysextensioninstancesfree due to a copy of unresolved extensions in lysrestrdup...
CVE-2019-20392
An invalid memory access flaw was discovered in libyang in the function resolvefeaturevalue when an if-feature statement is used inside a list key node and the feature used is not defined. Applications that use libyang to process untrusted input YANG files may crash...
DEBIAN-CVE-2019-20393
A double-free is present in libyang before v1.0-r1 in the function yyparse when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...
CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
PT-2020-1241 · Libyang · Libyang
Name of the Vulnerable Software and Affected Versions: libyang versions prior to v1.0-r1 Description: A double-free issue is present in the yyparse function when an organization field is not terminated, potentially causing a crash or code execution. This affects applications that use libyang to...
PT-2020-1239 · Libyang · Libyang
Name of the Vulnerable Software and Affected Versions: libyang versions prior to 1.0-r1 Description: A stack consumption issue is present due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash. Recommendations: For...