VDB
CVE-2021-44573
CVE-2021-44573
PUBLISHED
Two heap overflow vulnerabilities exist in oenSUSE libsolv through 13 Dec 2020 in the resolve_installed function at src/solver.c: line 1728 & 1766.
EPSS 0.06% · 30.1th percentile
Risk Scores
EPSS Score
0.06%
30.1th percentile
Timeline
- Feb 22, 2022 EPSS Score
- Mar 12, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Apr 16, 2022 EPSS Score
- May 4, 2022 EPSS Score
- May 21, 2022 EPSS Score
- Jun 8, 2022 EPSS Score
- Jun 13, 2022 CVE Rejected
- Jun 13, 2022 CVE Updated
- Feb 8, 2024 EPSS Score
- Feb 20, 2024 EPSS Score
- Mar 9, 2024 EPSS Score
References
- https://nvd.nist.gov/vuln/detail/CVE-2021-44573 advisory
- https://github.com/openSUSE/libsolv/issues/430 url
- https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_installed-1728 url
- https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_installed-1766 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH url