CVE-2019-20395

Published January 22nd, 2020

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.

CESNET/libyang

YANG data modeling language library

GitHub

421