Lucene search
Veracode Vulnerability DatabaseVERACODE:22355HistoryJan 23, 2020 - 8:55 a.m.
Denial Of Service (DoS)
2020-01-2308:55:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.003 Low
EPSS
Percentile
71.5%
libyang.so is vulnerable to denial of service (DoS). A double free error occurs in the function yyparse() when empty description is used, causing an application crash or arbitrary code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libyang | eq | 0.16.105__3.el8_1.2 | |
| libyang | eq | 0.16.105__3.el8 |
References
bugzilla.redhat.com/show_bug.cgi?id=1793928
github.com/CESNET/libyang/commit/88bd6c548ba79bce176cd875e9b56e7e0ef4d8d4
github.com/CESNET/libyang/commit/d9feacc4a590d35dbc1af21caf9080008b4450ed
github.com/CESNET/libyang/compare/v0.16-r3...v1.0-r1
github.com/CESNET/libyang/issues/739
github.com/CESNET/libyang/issues/742
Related
prion
prion
Double free
2020-01-22 22:15:00
cvelist
cvelist
CVE-2019-20397
2020-01-22 00:00:00
nvd
nvd
CVE-2019-20397
2020-01-22 22:15:10
cve
cve
CVE-2019-20397
2020-01-22 22:15:10
redhatcve
redhatcve
CVE-2019-20397
2020-01-23 09:39:45
debiancve
debiancve
CVE-2019-20397
2020-01-22 22:15:10
ubuntucve
ubuntucve
CVE-2019-20397
2020-01-22 00:00:00
osv
osv
CVE-2019-20397
2020-01-22 22:15:10
libyang - security update
2023-09-19 00:00:00
libyang bug fix and enhancement update
2021-05-18 06:22:25
nessus
nessus
Debian DLA-3572-1 : libyang - LTS security update
2023-09-20 00:00:00
debian
debian
[SECURITY] [DLA 3572-1] libyang security update
2023-09-19 19:37:20
openvas
openvas
Debian: Security Advisory (DLA-3572-1)
2023-09-20 00:00:00
rocky
rocky
libyang bug fix and enhancement update
2021-05-18 06:22:25