CVE-2023-26917

Опубликовано: 11 апр. 2023

Источник: debian

Описание

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.

Пакет	Статус	Версия исправления	Релиз	Тип
libyang	fixed	3.4.2+dfsg-2		package
libyang	no-dsa		bullseye	package
libyang2	fixed	2.1.148-0.1		package
libyang2	ignored		bookworm	package

https://github.com/CESNET/libyang/issues/1987
https://github.com/CESNET/libyang/commit/cfa1a965a429e4bfc5ae1539a8e87a9cf71c3090 (v2.1.55)
src:libyang was removed and later re-introduced as src:libyang with version 3

CVE-2023-26917

CVSS3: 7.5

ubuntu

почти 3 года назад

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.

CVE-2023-26917

CVSS3: 7.5

redhat

почти 3 года назад

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.

CVE-2023-26917

CVSS3: 7.5

nvd

почти 3 года назад

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.

CVE-2023-26917

CVSS3: 7.5

msrc

почти 3 года назад

Описание отсутствует

GHSA-8fpx-68qp-g9qc

CVSS3: 7.5

github

почти 3 года назад

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.