Red Hat Libyang vulnerabilities
2 known vulnerabilities affecting red_hat/libyang.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2019-19334CRITICALCVSS 9.8vlibyang all versions before 1.0-r52019-12-06
CVE-2019-19334 [CRITICAL] CWE-121 CVE-2019-19334: In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way li
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
nvd
CVE-2019-19333CRITICALCVSS 9.8vlibyang all versions before 1.0-r52019-12-06
CVE-2019-19333 [CRITICAL] CWE-121 CVE-2019-19333: In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way li
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.
nvd