EPSS
Percentile
36.8%
libyang.so is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause a NULL pointer dereference via the function lysp_stmt_validate_value in lys_parse_mem.c, causing the application to crash.
lysp_stmt_validate_value
lys_parse_mem.c
github.com/CESNET/libyang/commit/cfa1a965a429e4bfc5ae1539a8e87a9cf71c3090
github.com/CESNET/libyang/issues/1987