VDB
CVE-2021-44577
CVE-2021-44577
PUBLISHED
Two heap-overflow vulnerabilities exist in openSUSE libsolv through 13 Dec 2020 bugs in the propagate function at src/solver.c: line 490 and 524.
EPSS 0.04% · 15.5th percentile
Risk Scores
EPSS Score
0.04%
15.5th percentile
Timeline
- Feb 22, 2022 EPSS Score
- Mar 12, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Apr 16, 2022 EPSS Score
- May 4, 2022 EPSS Score
- May 21, 2022 EPSS Score
- Jun 8, 2022 EPSS Score
- Jun 13, 2022 CVE Rejected
- Jun 13, 2022 CVE Updated
- Feb 8, 2024 EPSS Score
- Feb 20, 2024 EPSS Score
- Mar 9, 2024 EPSS Score
References
- https://nvd.nist.gov/vuln/detail/CVE-2021-44577 advisory
- https://github.com/openSUSE/libsolv/issues/428 url
- https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/propagate-490 url
- https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/propagate-524 url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVLRHB6CUX3SHYOIGVUQNWAOW5JYANWH url