Lucene search

Veracode Vulnerability DatabaseVERACODE:40143

HistoryApr 17, 2023 - 3:11 p.m.

Denial Of Service (DoS)

2023-04-1715:11:48

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

vulnerability

dos attack

libyang.so

0.001 Low

EPSS

Percentile

48.1%

JSON

libyang.so is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to cause a NULL pointer dereference via the function lys_parse_mem in lys_parse_mem.c, causing the application to crash.

CPENameOperatorVersion
libyang.sole2.29.2
libyang.sole2.29.2

CPE	Name	Operator	Version
	libyang.so	le	2.29.2
	libyang.so	le	2.29.2

References

github.com/CESNET/libyang/commit/dc668d296f9f05aeab6315d44cff3208641e3096

github.com/CESNET/libyang/issues/1979

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/

lists.fedoraproject.org/archives/list/[email protected]/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/

lists.fedoraproject.org/archives/list/[email protected]/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/

0.001 Low

EPSS

Percentile

48.1%

JSON

Related for VERACODE:40143