VYPR
Critical severity9.8NVD Advisory· Published Dec 6, 2019· Updated Jun 17, 2026

CVE-2019-19334

CVE-2019-19334

Description

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a denial of service or possibly gain code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • libyang/libyangllm-fuzzy
    Range: <1.0-r5
  • Red Hat/libyangv5
    Range: libyang all versions before 1.0-r5

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.