Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-20395

Опубликовано: 08 мар. 2019
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.

A stack-overflow flaw was found in libyang due to a self-referential union type containing leafrefs. Applications that use libyang to process untrusted input YANG files may crash while processing malformed files.

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-674
https://bugzilla.redhat.com/show_bug.cgi?id=1793924libyang: stack-overflow when parsing yang files with self-referential union types

EPSS

Процентиль: 42%
0.00205
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-20395

CVSS3: 6.5
ubuntu
около 6 лет назад

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.

nvd логотип

CVE-2019-20395

CVSS3: 6.5
nvd
около 6 лет назад

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.

debian логотип

CVE-2019-20395

CVSS3: 6.5
debian
около 6 лет назад

A stack consumption issue is present in libyang before v1.0-r1 due to ...

github логотип

GHSA-3ffh-3h59-484g

CVSS3: 6.5
github
больше 3 лет назад

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.

EPSS

Процентиль: 42%
0.00205
Низкий

5.5 Medium

CVSS3