Vulnerabilities > Cesnet > Libyang > 1.0.167

DATE CVE VULNERABILITY TITLE RISK
2021-05-20 CVE-2021-28902 Unchecked Return Value vulnerability in Cesnet Libyang
In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL.
network
low complexity
cesnet CWE-252
7.5
7.5
2021-05-20 CVE-2021-28903 Uncontrolled Recursion vulnerability in Cesnet Libyang
A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem().
network
low complexity
cesnet CWE-674
7.5
7.5
2021-05-20 CVE-2021-28904 Unchecked Return Value vulnerability in Cesnet Libyang
In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL.
network
low complexity
cesnet CWE-252
7.5
7.5
2021-05-20 CVE-2021-28905 Reachable Assertion vulnerability in Cesnet Libyang
In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL.
network
low complexity
cesnet CWE-617
7.5
7.5
2021-05-20 CVE-2021-28906 Unchecked Return Value vulnerability in Cesnet Libyang
In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL.
network
low complexity
cesnet CWE-252
7.5
7.5