YDB Platform Memory Leak Vulnerability in YAJL Module

Vulnerability

A memory leak vulnerability has been identified in the YAJL module of the YDB platform, in versions through 24.4.4.2. The issue arises from the YAJL tree parsing function, which was cloned from a different repository but did not receive an essential security update. As a result, memory is not released after the effective lifetime of the data has passed, potentially allowing memory usage to increase over time.

Impact

Exploitation of this vulnerability causes a memory leak, where allocated memory is not properly released, leading to increased memory consumption that could degrade performance or cause the application to run out of memory.

Remediation

Users can update to the latest version of the YDB platform, where this vulnerability has been addressed, to mitigate this issue.

Added: Jan 27, 2026, 9:18 AM
Updated: Jan 27, 2026, 3:17 PM

Vulnerability Rating

Custom Algorithm

spread: 4.2
impact: 2.5
exploitability: 6.0
remediation: 0.0
relevance: 2.4
threat: 6.4
urgency: 5.7
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.