Vulnerabilities > Cesnet

DATE CVE VULNERABILITY TITLE RISK
2021-05-20 CVE-2021-28902 Unchecked Return Value vulnerability in Cesnet Libyang
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL.
network
low complexity
cesnet CWE-252
5.0
2021-05-20 CVE-2021-28903 Uncontrolled Recursion vulnerability in Cesnet Libyang
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem().
network
low complexity
cesnet CWE-674
5.0
2021-05-20 CVE-2021-28904 Unchecked Return Value vulnerability in Cesnet Libyang
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL.
network
low complexity
cesnet CWE-252
5.0
2021-05-20 CVE-2021-28905 Reachable Assertion vulnerability in Cesnet Libyang
In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL.
network
low complexity
cesnet CWE-617
5.0
2021-05-20 CVE-2021-28906 Unchecked Return Value vulnerability in Cesnet Libyang
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL.
network
low complexity
cesnet CWE-252
5.0
2020-03-25 CVE-2020-5281 Incorrect Permission Assignment for Critical Resource vulnerability in Cesnet Perun
In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP.
network
low complexity
cesnet CWE-732
5.0
2020-01-22 CVE-2019-20398 NULL Pointer Dereference vulnerability in Cesnet Libyang
A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup().
network
cesnet CWE-476
4.3
2020-01-22 CVE-2019-20397 Double Free vulnerability in Cesnet Libyang
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated.
network
cesnet CWE-415
6.8
2020-01-22 CVE-2019-20396 Improper Input Validation vulnerability in Cesnet Libyang
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
network
cesnet CWE-20
4.3
2020-01-22 CVE-2019-20395 Uncontrolled Recursion vulnerability in Cesnet Libyang
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs.
network
cesnet CWE-674
4.3