|
221531
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang…
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-20398
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221532
|
8.8 |
HIGH
Network
|
cesnet
|
libyang
|
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may be vul…
|
CWE-415
Double Free
|
CVE-2019-20397
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221533
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-20396
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221534
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.
|
CWE-674
Uncontrolled Recursion
|
CVE-2019-20395
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221535
|
8.8 |
HIGH
Network
|
cesnet
|
libyang
|
A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang fil…
|
CWE-415
Double Free
|
CVE-2019-20394
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221536
|
8.8 |
HIGH
Network
|
cesnet
|
libyang
|
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to …
|
CWE-415
Double Free
|
CVE-2019-20393
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221537
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not def…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-20392
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221538
|
6.5 |
MEDIUM
Network
|
cesnet
|
libyang
|
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse un…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2019-20391
|
2024-11-21 13:38 |
2020-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221539
|
7.5 |
HIGH
Network
|
opensuse
debian
|
libsolv
debian_linux
|
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-20387
|
2024-11-21 13:38 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221540
|
7.5 |
HIGH
Network
|
xmlsoft
debian
netapp
oracle
opensuse
fedoraproject
|
libxml2
debian_linux
cloud_backup
steelstore_cloud_integrated_storage
ontap_select_deploy_administration_utility
clustered_data_ontap
smi-s_provider
snapdrive
plug-in_for_syma…
|
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-20388
|
2024-11-21 13:38 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
