VDB
CVE-2021-44576
CVE-2021-44576
PUBLISHED
Two memory vulnerabilities exists in openSUSE libsolv through 13 Dec 2020 in the resolve_weak function at src/solver.c: line 2222 and 2249.
EPSS 0.04% · 15.5th percentile
Risk Scores
EPSS Score
0.04%
15.5th percentile
Timeline
- Feb 22, 2022 EPSS Score
- Mar 12, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Apr 16, 2022 EPSS Score
- May 4, 2022 EPSS Score
- May 21, 2022 EPSS Score
- Jun 8, 2022 EPSS Score
- Jun 13, 2022 CVE Rejected
- Jun 13, 2022 CVE Updated
- Feb 8, 2024 EPSS Score
- Feb 20, 2024 EPSS Score
- Mar 9, 2024 EPSS Score
References
- https://nvd.nist.gov/vuln/detail/CVE-2021-44576 advisory
- https://github.com/openSUSE/libsolv/issues/426 url
- https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_weak-2222 url
- https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/resolve_weak-2249 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH url