VYPR

rpm package

opensuse/cyrus-sasl&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/cyrus-sasl&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2020-8032Feb 25, 2021
    affected < 2.1.27-5.7fixed 2.1.27-5.7

    A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions.

  • CVE-2019-19906Dec 19, 2019
    affected < 2.1.27-5.7fixed 2.1.27-5.7

    cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.