Search criteria
51 vulnerabilities found for libyang by cesnet
FKIE_CVE-2023-26917
Vulnerability from fkie_nvd - Published: 2023-04-11 12:15 - Updated: 2025-02-11 16:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/CESNET/libyang/issues/1987 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/CESNET/libyang/issues/1987 | Exploit, Issue Tracking |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45E8D3A2-7CA5-4C1C-B0EB-6AD5BC13D455",
"versionEndIncluding": "2.1.30",
"versionStartIncluding": "2.0.164",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c."
}
],
"id": "CVE-2023-26917",
"lastModified": "2025-02-11T16:15:36.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-11T12:15:07.657",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/CESNET/libyang/issues/1987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/CESNET/libyang/issues/1987"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-26916
Vulnerability from fkie_nvd - Published: 2023-04-03 22:15 - Updated: 2025-02-18 17:15
Severity ?
Summary
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cesnet | libyang | * | |
| fedoraproject | fedora | 36 | |
| fedoraproject | fedora | 37 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45E8D3A2-7CA5-4C1C-B0EB-6AD5BC13D455",
"versionEndIncluding": "2.1.30",
"versionStartIncluding": "2.0.164",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c."
}
],
"id": "CVE-2023-26916",
"lastModified": "2025-02-18T17:15:16.370",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-03T22:15:07.060",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1979"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-28904
Vulnerability from fkie_nvd - Published: 2021-05-20 19:15 - Updated: 2024-11-21 06:00
Severity ?
Summary
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/CESNET/libyang/issues/1451 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/CESNET/libyang/issues/1451 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFE711D-6C8F-4F0F-B53E-BB952DC1FF39",
"versionEndIncluding": "1.0.225",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In function ext_get_plugin() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash."
},
{
"lang": "es",
"value": "En la funci\u00f3n ext_get_plugin() en libyang versiones anteriores a v1.0.225 incluy\u00e9ndola, no comprueba si el valor de la revisi\u00f3n es NULL.\u0026#xa0;Si la revisi\u00f3n es NULL, la operaci\u00f3n de strcmp (revisi\u00f3n, ext_plugins[u] .revision) provocar\u00e1 un bloqueo"
}
],
"id": "CVE-2021-28904",
"lastModified": "2024-11-21T06:00:22.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-20T19:15:07.673",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1451"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-28905
Vulnerability from fkie_nvd - Published: 2021-05-20 19:15 - Updated: 2024-11-21 06:00
Severity ?
Summary
In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. But in some cases, node->module can be null, which triggers a reachable assertion (CWE-617).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/CESNET/libyang/issues/1452 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/CESNET/libyang/issues/1452 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFE711D-6C8F-4F0F-B53E-BB952DC1FF39",
"versionEndIncluding": "1.0.225",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In function lys_node_free() in libyang \u003c= v1.0.225, it asserts that the value of node-\u003emodule can\u0027t be NULL. But in some cases, node-\u003emodule can be null, which triggers a reachable assertion (CWE-617)."
},
{
"lang": "es",
"value": "En la funci\u00f3n lys_node_free() en libyang versiones anteriores a v1.0.225 incluy\u00e9ndola, afirma que el valor de node-)module no puede ser NULL.\u0026#xa0;Pero en algunos casos, node-) module puede ser nulo, lo que desencadena una aserci\u00f3n alcanzable (CWE-617)"
}
],
"id": "CVE-2021-28905",
"lastModified": "2024-11-21T06:00:22.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-20T19:15:07.710",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1452"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-28903
Vulnerability from fkie_nvd - Published: 2021-05-20 19:15 - Updated: 2024-11-21 06:00
Severity ?
Summary
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/CESNET/libyang/issues/1453 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/CESNET/libyang/issues/1453 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFE711D-6C8F-4F0F-B53E-BB952DC1FF39",
"versionEndIncluding": "1.0.225",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in libyang \u003c= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash."
},
{
"lang": "es",
"value": "Un desbordamiento de pila en libyang versiones anteriores a v1.0.225 incluy\u00e9ndola, puede causar una denegaci\u00f3n de servicio por medio de la funci\u00f3n lyxml_parse_mem().\u0026#xa0;La funci\u00f3n lyxml_parse_elem() ser\u00e1 llamada de forma recursiva, lo que consumir\u00e1 espacio en la pila y conllevar\u00e1 a un bloqueo"
}
],
"id": "CVE-2021-28903",
"lastModified": "2024-11-21T06:00:22.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-20T19:15:07.637",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1453"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-28902
Vulnerability from fkie_nvd - Published: 2021-05-20 19:15 - Updated: 2024-11-21 06:00
Severity ?
Summary
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/CESNET/libyang/issues/1454 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/CESNET/libyang/issues/1454 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFE711D-6C8F-4F0F-B53E-BB952DC1FF39",
"versionEndIncluding": "1.0.225",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In function read_yin_container() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
},
{
"lang": "es",
"value": "En la funci\u00f3n read_yin_container() en libyang versiones anteriores a v1.0.225 incluy\u00e9ndola, no comprueba si el valor de retval-)ext[r] es NULL.\u0026#xa0;En algunos casos, puede ser NULL, lo que conlleva a una operaci\u00f3n de retval-)ext [r]-)flags que resulta en un bloqueo"
}
],
"id": "CVE-2021-28902",
"lastModified": "2024-11-21T06:00:22.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-20T19:15:07.590",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1454"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-28906
Vulnerability from fkie_nvd - Published: 2021-05-20 19:15 - Updated: 2024-11-21 06:00
Severity ?
Summary
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/CESNET/libyang/issues/1455 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/CESNET/libyang/issues/1455 | Exploit, Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202107-54 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CFE711D-6C8F-4F0F-B53E-BB952DC1FF39",
"versionEndIncluding": "1.0.225",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In function read_yin_leaf() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
},
{
"lang": "es",
"value": "En la funci\u00f3n read_yin_leaf() en libyang versiones anteriores a v1.0.225 incluy\u00e9ndola, no comprueba si el valor de retval-)ext [r] es NULL.\u0026#xa0;En algunos casos, puede ser NULL, lo que conlleva a la operaci\u00f3n de retval-)ext[r]-)flags que resulta en un bloqueo"
}
],
"id": "CVE-2021-28906",
"lastModified": "2024-11-21T06:00:22.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-20T19:15:07.747",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1455"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/1455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-252"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-20391
Vulnerability from fkie_nvd - Published: 2020-01-22 22:15 - Updated: 2024-11-21 04:38
Severity ?
Summary
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "65E91322-5F67-43C2-8112-5ECAEC2A3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "80A88DE4-93F8-40C3-AA52-A5F353F028AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "05C120CA-50EF-4B6D-92C9-ED736219DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "99D1FA55-3F56-4E09-B41E-B05C199B96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "35D48EC4-58D2-49C6-8049-920787733587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "B57F3953-49D6-413C-A4AE-03125935FC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*",
"matchCriteriaId": "DD62411F-A524-4E80-B540-780EA39CB6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*",
"matchCriteriaId": "FEF091B1-978A-4881-B1FC-6848CD1A7BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*",
"matchCriteriaId": "0C50D690-9A4D-4B78-BF4E-A4D9B4074216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*",
"matchCriteriaId": "124A5D30-7451-4516-9AA2-963AE62DD679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*",
"matchCriteriaId": "C260D13B-82E9-4596-9116-61073B42D661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:1.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "5F8D5FC0-959E-4014-9CB7-91378CC8B2BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:1.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "DCBDA519-805B-4193-8092-75E2748A7BC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash."
},
{
"lang": "es",
"value": "Un fallo de acceso a memoria no v\u00e1lida est\u00e1 presente en libyang versiones anteriores a v1.0-r3, en la funci\u00f3n resolve_feature_value() cuando es usada una sentencia if-feature dentro de un bit. Las aplicaciones que usan libyang para analizar archivos de entrada yang no confiables pueden bloquearse."
}
],
"id": "CVE-2019-20391",
"lastModified": "2024-11-21T04:38:22.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T22:15:10.080",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793934"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/bdb596ddc07596fa212f231135b87d0b9178f6f8"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/772"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/bdb596ddc07596fa212f231135b87d0b9178f6f8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-20395
Vulnerability from fkie_nvd - Published: 2020-01-22 22:15 - Updated: 2024-11-21 04:38
Severity ?
Summary
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "65E91322-5F67-43C2-8112-5ECAEC2A3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "80A88DE4-93F8-40C3-AA52-A5F353F028AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "05C120CA-50EF-4B6D-92C9-ED736219DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "99D1FA55-3F56-4E09-B41E-B05C199B96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "35D48EC4-58D2-49C6-8049-920787733587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "B57F3953-49D6-413C-A4AE-03125935FC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*",
"matchCriteriaId": "DD62411F-A524-4E80-B540-780EA39CB6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*",
"matchCriteriaId": "FEF091B1-978A-4881-B1FC-6848CD1A7BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*",
"matchCriteriaId": "0C50D690-9A4D-4B78-BF4E-A4D9B4074216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*",
"matchCriteriaId": "124A5D30-7451-4516-9AA2-963AE62DD679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*",
"matchCriteriaId": "C260D13B-82E9-4596-9116-61073B42D661",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash."
},
{
"lang": "es",
"value": "Un problema de consumo de pila est\u00e1 presente en libyang versiones anteriores a v1.0-r1, debido al tipo de uni\u00f3n autorreferencial que contiene leafrefs. Las aplicaciones que usan libyang para analizar archivos de entrada yang no confiables pueden bloquearse."
}
],
"id": "CVE-2019-20395",
"lastModified": "2024-11-21T04:38:23.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T22:15:10.423",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793924"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/4e610ccd87a2ba9413819777d508f71163fcc237"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/724"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/4e610ccd87a2ba9413819777d508f71163fcc237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-20392
Vulnerability from fkie_nvd - Published: 2020-01-22 22:15 - Updated: 2024-11-21 04:38
Severity ?
Summary
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "65E91322-5F67-43C2-8112-5ECAEC2A3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "80A88DE4-93F8-40C3-AA52-A5F353F028AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "05C120CA-50EF-4B6D-92C9-ED736219DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "99D1FA55-3F56-4E09-B41E-B05C199B96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "35D48EC4-58D2-49C6-8049-920787733587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "B57F3953-49D6-413C-A4AE-03125935FC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*",
"matchCriteriaId": "DD62411F-A524-4E80-B540-780EA39CB6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*",
"matchCriteriaId": "FEF091B1-978A-4881-B1FC-6848CD1A7BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*",
"matchCriteriaId": "0C50D690-9A4D-4B78-BF4E-A4D9B4074216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*",
"matchCriteriaId": "124A5D30-7451-4516-9AA2-963AE62DD679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*",
"matchCriteriaId": "C260D13B-82E9-4596-9116-61073B42D661",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash."
},
{
"lang": "es",
"value": "Un fallo de acceso a memoria no v\u00e1lida est\u00e1 presente en libyang versiones anteriores a v1.0-r1, en la funci\u00f3n resolve_feature_value() cuando es usada una sentencia if-feature dentro de un nodo de clave de lista, y la caracter\u00edstica usada no est\u00e1 definida. Las aplicaciones que utilizan libyang para analizar archivos de entrada yang no confiables pueden bloquearse."
}
],
"id": "CVE-2019-20392",
"lastModified": "2024-11-21T04:38:22.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T22:15:10.143",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793922"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/32fb4993bc8bb49e93e84016af3c10ea53964be5"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/723"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/32fb4993bc8bb49e93e84016af3c10ea53964be5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-20398
Vulnerability from fkie_nvd - Published: 2020-01-22 22:15 - Updated: 2024-11-21 04:38
Severity ?
Summary
A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang to parse untrusted input yang files may crash.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "65E91322-5F67-43C2-8112-5ECAEC2A3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "80A88DE4-93F8-40C3-AA52-A5F353F028AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "05C120CA-50EF-4B6D-92C9-ED736219DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "99D1FA55-3F56-4E09-B41E-B05C199B96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "35D48EC4-58D2-49C6-8049-920787733587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "B57F3953-49D6-413C-A4AE-03125935FC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*",
"matchCriteriaId": "DD62411F-A524-4E80-B540-780EA39CB6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*",
"matchCriteriaId": "FEF091B1-978A-4881-B1FC-6848CD1A7BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*",
"matchCriteriaId": "0C50D690-9A4D-4B78-BF4E-A4D9B4074216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*",
"matchCriteriaId": "124A5D30-7451-4516-9AA2-963AE62DD679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*",
"matchCriteriaId": "C260D13B-82E9-4596-9116-61073B42D661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:1.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "5F8D5FC0-959E-4014-9CB7-91378CC8B2BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:1.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "DCBDA519-805B-4193-8092-75E2748A7BC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang to parse untrusted input yang files may crash."
},
{
"lang": "es",
"value": "Una desreferencia del puntero NULL est\u00e1 presente en libyang versiones anteriores a v1.0-r3, en la funci\u00f3n lys_extension_instances_free() debido a una copia de extensiones no resuelta en la funci\u00f3n lys_restr_dup(). Las aplicaciones que usan libyang para analizar archivos de entrada yang no confiables pueden bloquearse."
}
],
"id": "CVE-2019-20398",
"lastModified": "2024-11-21T04:38:23.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T22:15:10.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793935"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/CESNET/libyang/commit/7852b272ef77f8098c35deea6c6f09cb78176f08"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/773"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/CESNET/libyang/commit/7852b272ef77f8098c35deea6c6f09cb78176f08"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-20394
Vulnerability from fkie_nvd - Published: 2020-01-22 22:15 - Updated: 2024-11-21 04:38
Severity ?
Summary
A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "65E91322-5F67-43C2-8112-5ECAEC2A3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "80A88DE4-93F8-40C3-AA52-A5F353F028AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "05C120CA-50EF-4B6D-92C9-ED736219DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "99D1FA55-3F56-4E09-B41E-B05C199B96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "35D48EC4-58D2-49C6-8049-920787733587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "B57F3953-49D6-413C-A4AE-03125935FC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*",
"matchCriteriaId": "DD62411F-A524-4E80-B540-780EA39CB6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*",
"matchCriteriaId": "FEF091B1-978A-4881-B1FC-6848CD1A7BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*",
"matchCriteriaId": "0C50D690-9A4D-4B78-BF4E-A4D9B4074216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*",
"matchCriteriaId": "124A5D30-7451-4516-9AA2-963AE62DD679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*",
"matchCriteriaId": "C260D13B-82E9-4596-9116-61073B42D661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:1.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "5F8D5FC0-959E-4014-9CB7-91378CC8B2BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:1.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "DCBDA519-805B-4193-8092-75E2748A7BC3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution."
},
{
"lang": "es",
"value": "Una doble liberaci\u00f3n est\u00e1 presente en libyang versiones anteriores a v1.0-r3, en la funci\u00f3n yyparse() cuando se usa una sentencia type dentro de una sentencia notification. Las aplicaciones que usan libyang para analizar archivos de entrada yang no confiables pueden ser vulnerables a este fallo, lo que podr\u00eda causar un bloqueo o potencialmente una ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2019-20394",
"lastModified": "2024-11-21T04:38:22.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T22:15:10.330",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793932"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/6cc51b1757dfbb7cff92de074ada65e8523289a6"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/769"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/6cc51b1757dfbb7cff92de074ada65e8523289a6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-20393
Vulnerability from fkie_nvd - Published: 2020-01-22 22:15 - Updated: 2024-11-21 04:38
Severity ?
Summary
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "65E91322-5F67-43C2-8112-5ECAEC2A3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "80A88DE4-93F8-40C3-AA52-A5F353F028AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "05C120CA-50EF-4B6D-92C9-ED736219DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "99D1FA55-3F56-4E09-B41E-B05C199B96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "35D48EC4-58D2-49C6-8049-920787733587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "B57F3953-49D6-413C-A4AE-03125935FC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*",
"matchCriteriaId": "DD62411F-A524-4E80-B540-780EA39CB6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*",
"matchCriteriaId": "FEF091B1-978A-4881-B1FC-6848CD1A7BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*",
"matchCriteriaId": "0C50D690-9A4D-4B78-BF4E-A4D9B4074216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*",
"matchCriteriaId": "124A5D30-7451-4516-9AA2-963AE62DD679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*",
"matchCriteriaId": "C260D13B-82E9-4596-9116-61073B42D661",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution."
},
{
"lang": "es",
"value": "Una doble liberaci\u00f3n est\u00e1 presente en libyang versiones anteriores a v1.0-r1, en la funci\u00f3n yyparse() cuando es usada una descripci\u00f3n vac\u00eda. Las aplicaciones que usan libyang para analizar archivos de entrada yang no confiables pueden ser vulnerables a este fallo, lo que podr\u00eda causar un bloqueo o potencialmente una ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2019-20393",
"lastModified": "2024-11-21T04:38:22.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T22:15:10.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793930"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/d9feacc4a590d35dbc1af21caf9080008b4450ed"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/742"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/d9feacc4a590d35dbc1af21caf9080008b4450ed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-20397
Vulnerability from fkie_nvd - Published: 2020-01-22 22:15 - Updated: 2024-11-21 04:38
Severity ?
Summary
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "65E91322-5F67-43C2-8112-5ECAEC2A3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "80A88DE4-93F8-40C3-AA52-A5F353F028AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "05C120CA-50EF-4B6D-92C9-ED736219DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "99D1FA55-3F56-4E09-B41E-B05C199B96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "35D48EC4-58D2-49C6-8049-920787733587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "B57F3953-49D6-413C-A4AE-03125935FC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*",
"matchCriteriaId": "DD62411F-A524-4E80-B540-780EA39CB6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*",
"matchCriteriaId": "FEF091B1-978A-4881-B1FC-6848CD1A7BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*",
"matchCriteriaId": "0C50D690-9A4D-4B78-BF4E-A4D9B4074216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*",
"matchCriteriaId": "124A5D30-7451-4516-9AA2-963AE62DD679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*",
"matchCriteriaId": "C260D13B-82E9-4596-9116-61073B42D661",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution."
},
{
"lang": "es",
"value": "Una doble liberaci\u00f3n est\u00e1 presente en libyang versiones anteriores a v1.0-r1, en la funci\u00f3n yyparse() cuando un campo organization no es terminado. Las aplicaciones que usan libyang para analizar archivos de entrada yang no confiables pueden ser vulnerables a este fallo, lo que podr\u00eda causar un bloqueo o potencialmente una ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2019-20397",
"lastModified": "2024-11-21T04:38:23.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T22:15:10.550",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793928"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/88bd6c548ba79bce176cd875e9b56e7e0ef4d8d4"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/739"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/88bd6c548ba79bce176cd875e9b56e7e0ef4d8d4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-20396
Vulnerability from fkie_nvd - Published: 2020-01-22 22:15 - Updated: 2024-11-21 04:38
Severity ?
Summary
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r1:*:*:*:*:*:*",
"matchCriteriaId": "65E91322-5F67-43C2-8112-5ECAEC2A3C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.11:r2:*:*:*:*:*:*",
"matchCriteriaId": "80A88DE4-93F8-40C3-AA52-A5F353F028AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r1:*:*:*:*:*:*",
"matchCriteriaId": "05C120CA-50EF-4B6D-92C9-ED736219DB07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.12:r2:*:*:*:*:*:*",
"matchCriteriaId": "99D1FA55-3F56-4E09-B41E-B05C199B96B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r1:*:*:*:*:*:*",
"matchCriteriaId": "35D48EC4-58D2-49C6-8049-920787733587",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.13:r2:*:*:*:*:*:*",
"matchCriteriaId": "B57F3953-49D6-413C-A4AE-03125935FC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.14:r1:*:*:*:*:*:*",
"matchCriteriaId": "DD62411F-A524-4E80-B540-780EA39CB6A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.15:r1:*:*:*:*:*:*",
"matchCriteriaId": "FEF091B1-978A-4881-B1FC-6848CD1A7BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r1:*:*:*:*:*:*",
"matchCriteriaId": "0C50D690-9A4D-4B78-BF4E-A4D9B4074216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r2:*:*:*:*:*:*",
"matchCriteriaId": "124A5D30-7451-4516-9AA2-963AE62DD679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cesnet:libyang:0.16:r3:*:*:*:*:*:*",
"matchCriteriaId": "C260D13B-82E9-4596-9116-61073B42D661",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing."
},
{
"lang": "es",
"value": "Un error de segmentaci\u00f3n est\u00e1 presente en yyparse en libyang versiones anteriores a v1.0-r1, debido a un valor de sentencia pattern malformado durante el an\u00e1lisis de lys_parse_path."
}
],
"id": "CVE-2019-20396",
"lastModified": "2024-11-21T04:38:23.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-22T22:15:10.470",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/a1f17693904ed6fecc8902c747fc50a8f20e6af8"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/740"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/commit/a1f17693904ed6fecc8902c747fc50a8f20e6af8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/CESNET/libyang/issues/740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-26917 (GCVE-0-2023-26917)
Vulnerability from cvelistv5 – Published: 2023-04-11 00:00 – Updated: 2025-02-11 15:52
VLAI?
Summary
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:01:31.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1987"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-26917",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T15:51:59.131050Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T15:52:49.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/CESNET/libyang/issues/1987"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26917",
"datePublished": "2023-04-11T00:00:00.000Z",
"dateReserved": "2023-02-27T00:00:00.000Z",
"dateUpdated": "2025-02-11T15:52:49.173Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26916 (GCVE-0-2023-26916)
Vulnerability from cvelistv5 – Published: 2023-04-03 00:00 – Updated: 2025-02-18 16:59
VLAI?
Summary
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:01:31.037Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1979"
},
{
"name": "FEDORA-2023-17aaa2187f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/"
},
{
"name": "FEDORA-2023-9887f01975",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T14:58:35.560489Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T16:59:13.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/CESNET/libyang/issues/1979"
},
{
"name": "FEDORA-2023-17aaa2187f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/"
},
{
"name": "FEDORA-2023-9887f01975",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26916",
"datePublished": "2023-04-03T00:00:00.000Z",
"dateReserved": "2023-02-27T00:00:00.000Z",
"dateUpdated": "2025-02-18T16:59:13.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28906 (GCVE-0-2021-28906)
Vulnerability from cvelistv5 – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:12.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1455"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In function read_yin_leaf() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1455"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function read_yin_leaf() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1455",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1455"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28906",
"datePublished": "2021-05-20T18:36:44",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:12.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28905 (GCVE-0-2021-28905)
Vulnerability from cvelistv5 – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. But in some cases, node->module can be null, which triggers a reachable assertion (CWE-617).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:12.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1452"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In function lys_node_free() in libyang \u003c= v1.0.225, it asserts that the value of node-\u003emodule can\u0027t be NULL. But in some cases, node-\u003emodule can be null, which triggers a reachable assertion (CWE-617)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1452"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function lys_node_free() in libyang \u003c= v1.0.225, it asserts that the value of node-\u003emodule can\u0027t be NULL. But in some cases, node-\u003emodule can be null, which triggers a reachable assertion (CWE-617)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1452",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1452"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28905",
"datePublished": "2021-05-20T18:36:35",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:12.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28904 (GCVE-0-2021-28904)
Vulnerability from cvelistv5 – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:12.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1451"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In function ext_get_plugin() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1451"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function ext_get_plugin() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1451",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1451"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28904",
"datePublished": "2021-05-20T18:36:27",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:12.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28903 (GCVE-0-2021-28903)
Vulnerability from cvelistv5 – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:11.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1453"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in libyang \u003c= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1453"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack overflow in libyang \u003c= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1453",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1453"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28903",
"datePublished": "2021-05-20T18:36:15",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:11.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28902 (GCVE-0-2021-28902)
Vulnerability from cvelistv5 – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:11.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1454"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In function read_yin_container() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1454"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function read_yin_container() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1454",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1454"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28902",
"datePublished": "2021-05-20T18:36:06",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:11.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-20398 (GCVE-0-2019-20398)
Vulnerability from cvelistv5 – Published: 2020-01-22 00:00 – Updated: 2024-08-05 02:39
VLAI?
Summary
A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang to parse untrusted input yang files may crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:39:09.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/commit/7852b272ef77f8098c35deea6c6f09cb78176f08"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/773"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793935"
},
{
"name": "[debian-lts-announce] 20230919 [SECURITY] [DLA 3572-1] libyang security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang to parse untrusted input yang files may crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-19T21:06:19.867228",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/CESNET/libyang/compare/v1.0-r2...v1.0-r3"
},
{
"url": "https://github.com/CESNET/libyang/commit/7852b272ef77f8098c35deea6c6f09cb78176f08"
},
{
"url": "https://github.com/CESNET/libyang/issues/773"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793935"
},
{
"name": "[debian-lts-announce] 20230919 [SECURITY] [DLA 3572-1] libyang security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00019.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20398",
"datePublished": "2020-01-22T00:00:00",
"dateReserved": "2020-01-22T00:00:00",
"dateUpdated": "2024-08-05T02:39:09.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26917 (GCVE-0-2023-26917)
Vulnerability from nvd – Published: 2023-04-11 00:00 – Updated: 2025-02-11 15:52
VLAI?
Summary
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:01:31.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1987"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-26917",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T15:51:59.131050Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T15:52:49.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/CESNET/libyang/issues/1987"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26917",
"datePublished": "2023-04-11T00:00:00.000Z",
"dateReserved": "2023-02-27T00:00:00.000Z",
"dateUpdated": "2025-02-11T15:52:49.173Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26916 (GCVE-0-2023-26916)
Vulnerability from nvd – Published: 2023-04-03 00:00 – Updated: 2025-02-18 16:59
VLAI?
Summary
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:01:31.037Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1979"
},
{
"name": "FEDORA-2023-17aaa2187f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/"
},
{
"name": "FEDORA-2023-9887f01975",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T14:58:35.560489Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T16:59:13.097Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-14T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/CESNET/libyang/issues/1979"
},
{
"name": "FEDORA-2023-17aaa2187f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6NQZHCJG3SBMFOQNIPRZGKDK3ARHLTTB/"
},
{
"name": "FEDORA-2023-9887f01975",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2VWGCMYKQH4BTFEHX5VYEXXOPIKKFHS/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-26916",
"datePublished": "2023-04-03T00:00:00.000Z",
"dateReserved": "2023-02-27T00:00:00.000Z",
"dateUpdated": "2025-02-18T16:59:13.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28906 (GCVE-0-2021-28906)
Vulnerability from nvd – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:12.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1455"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In function read_yin_leaf() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1455"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function read_yin_leaf() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1455",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1455"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28906",
"datePublished": "2021-05-20T18:36:44",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:12.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28905 (GCVE-0-2021-28905)
Vulnerability from nvd – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. But in some cases, node->module can be null, which triggers a reachable assertion (CWE-617).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:12.245Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1452"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In function lys_node_free() in libyang \u003c= v1.0.225, it asserts that the value of node-\u003emodule can\u0027t be NULL. But in some cases, node-\u003emodule can be null, which triggers a reachable assertion (CWE-617)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1452"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function lys_node_free() in libyang \u003c= v1.0.225, it asserts that the value of node-\u003emodule can\u0027t be NULL. But in some cases, node-\u003emodule can be null, which triggers a reachable assertion (CWE-617)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1452",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1452"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28905",
"datePublished": "2021-05-20T18:36:35",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:12.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28904 (GCVE-0-2021-28904)
Vulnerability from nvd – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:12.144Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1451"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In function ext_get_plugin() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1451"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function ext_get_plugin() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1451",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1451"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28904",
"datePublished": "2021-05-20T18:36:27",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:12.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28903 (GCVE-0-2021-28903)
Vulnerability from nvd – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:11.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1453"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in libyang \u003c= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1453"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stack overflow in libyang \u003c= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1453",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1453"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28903",
"datePublished": "2021-05-20T18:36:15",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:11.718Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28902 (GCVE-0-2021-28902)
Vulnerability from nvd – Published: 2021-05-20 18:36 – Updated: 2024-08-03 21:55
VLAI?
Summary
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:11.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/CESNET/libyang/issues/1454"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In function read_yin_container() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-24T04:06:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/CESNET/libyang/issues/1454"
},
{
"name": "GLSA-202107-54",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202107-54"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In function read_yin_container() in libyang \u003c= v1.0.225, it doesn\u0027t check whether the value of retval-\u003eext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval-\u003eext[r]-\u003eflags that results in a crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/CESNET/libyang/issues/1454",
"refsource": "CONFIRM",
"url": "https://github.com/CESNET/libyang/issues/1454"
},
{
"name": "GLSA-202107-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202107-54"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28902",
"datePublished": "2021-05-20T18:36:06",
"dateReserved": "2021-03-19T00:00:00",
"dateUpdated": "2024-08-03T21:55:11.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}