Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-28902

In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2021-28902
  • Cesnet » Libyang » Version: 0.11
    cpe:2.3:a:cesnet:libyang:0.11
  • Cesnet » Libyang » Version: 0.12
    cpe:2.3:a:cesnet:libyang:0.12
  • Cesnet » Libyang » Version: 0.13
    cpe:2.3:a:cesnet:libyang:0.13
  • Cesnet » Libyang » Version: 0.14
    cpe:2.3:a:cesnet:libyang:0.14
  • Cesnet » Libyang » Version: 0.15
    cpe:2.3:a:cesnet:libyang:0.15
  • Cesnet » Libyang » Version: 0.16
    cpe:2.3:a:cesnet:libyang:0.16
  • Cesnet » Libyang » Version: 1.0
    cpe:2.3:a:cesnet:libyang:1.0
  • Cesnet » Libyang » Version: 1.0.130
    cpe:2.3:a:cesnet:libyang:1.0.130
  • Cesnet » Libyang » Version: 1.0.167
    cpe:2.3:a:cesnet:libyang:1.0.167
  • Cesnet » Libyang » Version: 1.0.176
    cpe:2.3:a:cesnet:libyang:1.0.176
  • Cesnet » Libyang » Version: 1.0.184
    cpe:2.3:a:cesnet:libyang:1.0.184
  • Cesnet » Libyang » Version: 1.0.215
    cpe:2.3:a:cesnet:libyang:1.0.215
  • Cesnet » Libyang » Version: 1.0.225
    cpe:2.3:a:cesnet:libyang:1.0.225


Products
Pricing
Contact Us

Shodan ® - All rights reserved