rpm package
opensuse/cyrus-sasl&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/cyrus-sasl&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-8032 | — | < 2.1.27-5.7 | 2.1.27-5.7 | Feb 25, 2021 | A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions. | ||
| CVE-2019-19906 | — | < 2.1.27-5.7 | 2.1.27-5.7 | Dec 19, 2019 | cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl. |
- CVE-2020-8032Feb 25, 2021affected < 2.1.27-5.7fixed 2.1.27-5.7
A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions.
- CVE-2019-19906Dec 19, 2019affected < 2.1.27-5.7fixed 2.1.27-5.7
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.