Filtered by vendor Cesnet
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-20396 | 1 Cesnet | 1 Libyang | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing. | |||||
| CVE-2019-20395 | 1 Cesnet | 1 Libyang | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash. | |||||
| CVE-2019-20392 | 1 Cesnet | 1 Libyang | 2020-01-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash. | |||||
| CVE-2019-20391 | 1 Cesnet | 1 Libyang | 2020-01-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash. | |||||
| CVE-2019-20398 | 1 Cesnet | 1 Libyang | 2020-01-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang to parse untrusted input yang files may crash. | |||||