VDB
CVE-2021-44575
CVE-2021-44575
PUBLISHED
Two heap-overflow vulnerabilities exists in openSUSE libsolv through 13 Dec 2020 in the makeruledecisions function at src/solver.c: line 147 and 307.
EPSS 0.04% · 15.5th percentile
Risk Scores
EPSS Score
0.04%
15.5th percentile
Timeline
- Feb 22, 2022 EPSS Score
- Mar 12, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Apr 16, 2022 EPSS Score
- May 4, 2022 EPSS Score
- May 21, 2022 EPSS Score
- Jun 8, 2022 EPSS Score
- Jun 13, 2022 CVE Rejected
- Jun 13, 2022 CVE Updated
- Feb 8, 2024 EPSS Score
- Feb 20, 2024 EPSS Score
- Mar 9, 2024 EPSS Score
References
- https://nvd.nist.gov/vuln/detail/CVE-2021-44575 advisory
- https://github.com/openSUSE/libsolv/issues/427 url
- https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/makeruledecisions-307 url
- https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/makeruledecisions_147 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH url