78 matches found
EUVD-2019-10945
Malware in sbrugna...
EUVD-2019-10942
Malware in sbrugna...
EUVD-2019-8954
Malware in sbrugna...
EUVD-2019-8955
Malware in sbrugna...
SUSE CVE-2019-19333
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of...
SUSE CVE-2019-20392
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolvefeaturevalue when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash...
SUSE CVE-2019-20391
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash...
SUSE CVE-2019-20395
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash...
SUSE CVE-2019-20398
A NULL pointer dereference is present in libyang before v1.0-r3 in the function lysextensioninstancesfree due to a copy of unresolved extensions in lysrestrdup. Applications that use libyang to parse untrusted input yang files may crash...
libyang: double-free in function yyparse() when empty description is used
A double-free flaw occurs in libyang in function yyparse when an empty description is used. Applications that use libyang to process untrusted input YANG files may be vulnerable to this flaw, possibly causing a crash or potential code execution...
libyang: stack-overflow when parsing yang files with self-referential union types
A stack-overflow flaw was found in libyang due to a self-referential union type containing leafrefs. Applications that use libyang to process untrusted input YANG files may crash while processing malformed files...
libyang: double-free in yyparse() when a type statement is used in a notification statement
A double-free flaw occurs in libyang in function yyparse when a type statement is used in a notification statement. Applications that use libyang to process untrusted input YANG files may be vulnerable to this flaw, possibly causing a crash or potential code execution...
libyang: heap-based buffer over-read in function lys_type_free() due to malformed pattern
A heap-based buffer over-read flaw occurs in libyang in function lystypefree due to a malformed pattern statement value. Applications that use libyang to process untrusted input yang files may be vulnerable to this flaw, possibly causing a crash or information leaks...
libyang: invalid memory access in resolve_feature_value() when a if-feature is used inside a bit
An invalid memory access flaw occurs in libyang in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to process untrusted input YANG files may crash...
CVE-2019-20398
A NULL pointer dereference flaw occurs in libyang in the function lysextensioninstancesfree due to a copy of unresolved extensions in lysrestrdup. Applications that use libyang to process untrusted input YANG files may crash...
CVE-2019-20397
A double-free flaw occurs in libyang in function yparse when an organization field is not terminated. Applications that use libyang to process untrusted input YANG files may be vulnerable to this flaw, possibly causing a crash or potential code execution...
CVE-2019-20395
A stack-overflow flaw was found in libyang due to a self-referential union type containing leafrefs. Applications that use libyang to process untrusted input YANG files may crash while processing malformed files...
CVE-2019-20392
An invalid memory access flaw was discovered in libyang in the function resolvefeaturevalue when an if-feature statement is used inside a list key node and the feature used is not defined. Applications that use libyang to process untrusted input YANG files may crash...
CVE-2019-20393
A double-free flaw occurs in libyang in function yyparse when an empty description is used. Applications that use libyang to process untrusted input YANG files may be vulnerable to this flaw, possibly causing a crash or potential code execution...
CVE-2019-20391
An invalid memory access flaw occurs in libyang in the function resolvefeaturevalue when an if-feature statement is used inside a bit. Applications that use libyang to process untrusted input YANG files may crash...