EUVD-2019-10943

Malware in sbrugna...

libyang resource management error vulnerability (CNVD-2020-10241)

libyang is a YANG data modeling language parser and toolkit written in C. It can be used as a toolkit for data modeling. A resource management error vulnerability exists in the 'yyparse' function in versions of libyang prior to 1.0-r1. An attacker can exploit this vulnerability to cause an...

PYSEC-2020-170

A double-free is present in libyang before v1.0-r1 in the function yyparse when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...

UBUNTU-CVE-2019-20397

A double-free is present in libyang before v1.0-r1 in the function yyparse when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...

PT-2019-1107 · Libyang · Libyang

Name of the Vulnerable Software and Affected Versions: libyang versions prior to v1.0-r1 Description: A double-free issue is present in the yyparse function when an empty description is used, potentially causing a crash or code execution. This issue affects applications that use libyang to parse...

CVE-2018-17072

JSON++ through 2016-06-15 has a buffer over-read in yyparse in json.y...

CVE-2017-5923

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted rule that is mishandled in the yarayyparse function...