PT-2026-4900 · Unknown+2 · Ydb-Platform Ydb+2
Titan Team
·
Published
2026-01-27
·
Updated
2026-01-27
·
CVE-2026-24825
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/S:N/AU:Y/R:U/V:D/RE:L/U:Amber |
Name of the Vulnerable Software and Affected Versions
ydb versions through 24.4.4.2
Description
A memory management issue exists in ydb-platform ydb, specifically within the contrib/libs/yajl modules. The problem involves a failure to release memory after its effective lifetime, potentially leading to resource exhaustion or other undefined behavior. The issue is associated with the yail tree.C program file.
Recommendations
Update ydb to a version later than 24.4.4.2.
Fix
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Yajl
Ydb
Ydb-Platform Ydb