Описание
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
A heap-based buffer over-read flaw occurs in libyang in function lys_type_free() due to a malformed pattern statement value. Applications that use libyang to process untrusted input yang files may be vulnerable to this flaw, possibly causing a crash or information leaks.
Дополнительная информация
Статус:
EPSS
4.4 Medium
CVSS3
Связанные уязвимости
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
A segmentation fault is present in yyparse in libyang before v1.0-r1 d ...
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
EPSS
4.4 Medium
CVSS3