Lucene search

K

RedhatCVELIST:CVE-2021-20266

HistoryApr 30, 2021 - 11:22 a.m.

CVE-2021-20266

2021-04-3011:22:49

CWE-125

redhat

www.cve.org

1

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.7%

A flaw was found in RPM’s hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability.

CNA Affected

[
  {
    "product": "rpm",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "rpm 4.17.0"
      }
    ]
  }
]

References

bugzilla.redhat.com/show_bug.cgi?id=1927741

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/

security.gentoo.org/glsa/202107-43

6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.7%

Related for CVELIST:CVE-2021-20266

cbl_mariner1 rocky1 oraclelinux1 osv4 nessus25 almalinux1 debiancve1 nvd1 ubuntucve1 veracode1 redhatcve1 cve1 alpinelinux1 redhat15 prion1 photon6 rosalinux1 openvas19 suse2 fedora3 gentoo1 mageia1 aix1 ubuntu1 ibm6