CVE-2021-44758

Опубликовано: 26 дек. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.

Ссылки

https://github.com/heimdal/heimdal/commit/f9ec7002cdd526ae84fbacbf153162e118f22580
Patch
Third Party Advisory
https://github.com/heimdal/heimdal/security/advisories/GHSA-69h9-669w-88xv
Third Party Advisory
https://security.gentoo.org/glsa/202310-06
https://github.com/heimdal/heimdal/commit/f9ec7002cdd526ae84fbacbf153162e118f22580
Patch
Third Party Advisory
https://github.com/heimdal/heimdal/security/advisories/GHSA-69h9-669w-88xv
Third Party Advisory
https://security.gentoo.org/glsa/202310-06

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:heimdal_project:heimdal:*:*:*:*:*:*:*:*

Версия до 7.7.1 (исключая)

EPSS

Процентиль: 59%

0.00379

Низкий

7.5 High

CVSS3

Дефекты

CWE-476

Связанные уязвимости

CVE-2021-44758

CVSS3: 7.5

ubuntu

около 3 лет назад

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a nonzero initial_response value to send_accept.

CVE-2021-44758

CVSS3: 7.5

msrc

больше 1 года назад

Описание отсутствует

CVE-2021-44758

CVSS3: 7.5

debian

около 3 лет назад

Heimdal before 7.7.1 allows attackers to cause a NULL pointer derefere ...

openSUSE-SU-2023:0020-1

suse-cvrf

около 3 лет назад

Security update for libheimdal

openSUSE-SU-2023:0019-1

suse-cvrf

около 3 лет назад

Security update for libheimdal

EPSS

Процентиль: 59%

0.00379

Низкий

7.5 High

CVSS3

Дефекты

CWE-476