Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cesnet libyang vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-28902
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
Cesnet Libyang
7.5
CVSSv3
CVE-2021-28903
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash.
Cesnet Libyang
7.5
CVSSv3
CVE-2021-28904
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash.
Cesnet Libyang
7.5
CVSSv3
CVE-2021-28905
In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. But in some cases, node->module can be null, which triggers a reachable assertion (CWE-617).
Cesnet Libyang
7.5
CVSSv3
CVE-2021-28906
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
Cesnet Libyang
7.5
CVSSv3
CVE-2023-26917
libyang from v2.0.164 to v2.1.30 exists to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.
Cesnet Libyang
5.3
CVSSv3
CVE-2023-26916
libyang from v2.0.164 to v2.1.30 exists to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.
Cesnet Libyang
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2