Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-28903

A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2021-28903
  • Cesnet » Libyang » Version: 0.11
    cpe:2.3:a:cesnet:libyang:0.11
  • Cesnet » Libyang » Version: 0.12
    cpe:2.3:a:cesnet:libyang:0.12
  • Cesnet » Libyang » Version: 0.13
    cpe:2.3:a:cesnet:libyang:0.13
  • Cesnet » Libyang » Version: 0.14
    cpe:2.3:a:cesnet:libyang:0.14
  • Cesnet » Libyang » Version: 0.15
    cpe:2.3:a:cesnet:libyang:0.15
  • Cesnet » Libyang » Version: 0.16
    cpe:2.3:a:cesnet:libyang:0.16
  • Cesnet » Libyang » Version: 1.0
    cpe:2.3:a:cesnet:libyang:1.0
  • Cesnet » Libyang » Version: 1.0.130
    cpe:2.3:a:cesnet:libyang:1.0.130
  • Cesnet » Libyang » Version: 1.0.167
    cpe:2.3:a:cesnet:libyang:1.0.167
  • Cesnet » Libyang » Version: 1.0.176
    cpe:2.3:a:cesnet:libyang:1.0.176
  • Cesnet » Libyang » Version: 1.0.184
    cpe:2.3:a:cesnet:libyang:1.0.184
  • Cesnet » Libyang » Version: 1.0.215
    cpe:2.3:a:cesnet:libyang:1.0.215
  • Cesnet » Libyang » Version: 1.0.225
    cpe:2.3:a:cesnet:libyang:1.0.225


Products
Pricing
Contact Us

Shodan ® - All rights reserved