Medium severity5.3NVD Advisory· Published Feb 4, 2022· Updated Jun 17, 2026
CVE-2021-46671
CVE-2021-46671
Description
options.c in atftp before 0.7.5 reads past the end of an array, and consequently discloses server-side /etc/group data to a remote client.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/suse/atftp&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/atftp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 0.7.0-160.14.1+ 1 more
- (no CPE)range: < 0.7.0-160.14.1
- (no CPE)range: < 0.7.0-160.14.1
Patches
Vulnerability mechanics
References
3- sourceforge.net/p/atftp/code/ci/9cf799c40738722001552618518279e9f0ef62e5nvdPatchThird Party Advisory
- bugs.debian.org/1004974nvdExploitIssue TrackingMailing ListThird Party Advisory
- lists.debian.org/debian-lts-announce/2022/05/msg00040.htmlnvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.