rpm package
suse/libsolv&distro=SUSE Linux Enterprise Server 12 SP3-BCL
pkg:rpm/suse/libsolv&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3200 | — | < 0.6.37-2.33.1 | 0.6.37-2.33.1 | May 18, 2021 | Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service | ||
| CVE-2019-20387 | — | < 0.6.37-2.33.1 | 0.6.37-2.33.1 | Jan 21, 2020 | repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema. | ||
| CVE-2018-20534 | — | < 0.6.36-2.27.19.8 | 0.6.36-2.27.19.8 | Dec 28, 2018 | There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real- | ||
| CVE-2018-20533 | — | < 0.6.36-2.27.19.8 | 0.6.36-2.27.19.8 | Dec 28, 2018 | There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. | ||
| CVE-2018-20532 | — | < 0.6.36-2.27.19.8 | 0.6.36-2.27.19.8 | Dec 28, 2018 | There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. |
- CVE-2021-3200May 18, 2021affected < 0.6.37-2.33.1fixed 0.6.37-2.33.1
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service
- CVE-2019-20387Jan 21, 2020affected < 0.6.37-2.33.1fixed 0.6.37-2.33.1
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
- CVE-2018-20534Dec 28, 2018affected < 0.6.36-2.27.19.8fixed 0.6.36-2.27.19.8
There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-
- CVE-2018-20533Dec 28, 2018affected < 0.6.36-2.27.19.8fixed 0.6.36-2.27.19.8
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
- CVE-2018-20532Dec 28, 2018affected < 0.6.36-2.27.19.8fixed 0.6.36-2.27.19.8
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.