EPSS
Percentile
82.0%
A double-free flaw occurs in libyang in function yyparse() when an empty description is used. Applications that use libyang to process untrusted input YANG files may be vulnerable to this flaw, possibly causing a crash or potential code execution.
bugzilla.redhat.com/show_bug.cgi?id=1793930
nvd.nist.gov/vuln/detail/CVE-2019-20393
www.cve.org/CVERecord?id=CVE-2019-20393