Lucene search
Veracode Vulnerability DatabaseVERACODE:34343HistoryFeb 22, 2022 - 9:00 a.m.
Denial Of Service (DoS)
2022-02-2209:00:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
libexpat.so is vulnerable to denial of service. The vulnerability exists due to the heap overflow in the resolve_installed function of solver.c, allowing an attacker to cause an application crash.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libsolv.so | le | 1 | |
| libsolv | le | 0.7.20__1.el8 | |
| libsolv.so | le | 1 | |
| libsolv | le | 0.7.20__1.el8 |
References
github.com/advisories/GHSA-gcv4-qmhw-xv6c
github.com/openSUSE/libsolv/issues/430
github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_installed-1728
github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_installed-1766
lists.fedoraproject.org/archives/list/[email protected]/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH/
Related
cnvd
cnvd
libsolv Heap Overflow Vulnerability (CNVD-2022-15954)
2022-02-23 00:00:00
debiancve
debiancve
CVE-2021-44573
2022-02-21 20:15:00
cve
cve
CVE-2021-44573
2022-02-21 20:15:00
redhatcve
redhatcve
CVE-2021-44573
2022-02-22 04:20:47
openvas
openvas
Fedora: Security Advisory for libsolv (FEDORA-2022-f8921a3891)
2022-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: libsolv-0.7.21-1.fc35
2022-03-01 15:05:49
Related for VERACODE:34343