Vulnerabilities > CVE-2023-26917 - NULL Pointer Dereference vulnerability in Cesnet Libyang

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

NVD

Published: 2023-04-11

Updated: 2023-04-18

Summary

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.

Part	Description	Count
Application	Cesnet Cesnet Libyang 2.0.164 Cesnet Libyang 2.0.194 Cesnet Libyang 2.0.231 Cesnet Libyang 2.1.4 Cesnet Libyang 2.1.30	5