CVE-2019-20387

Опубликовано: 21 янв. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
devel	not-affected	0.6.36-2
eoan	ignored	end of life
esm-apps/bionic	needed
esm-apps/focal	not-affected	0.6.36-2
esm-apps/jammy	not-affected	0.6.36-2
esm-apps/noble	not-affected	0.6.36-2
esm-apps/xenial	needed
esm-infra-legacy/trusty	DNE
focal	not-affected	0.6.36-2

Показывать по

Ссылки на источники

EPSS

Процентиль: 46%

0.0023

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2019-20387

CVSS3: 7.5

redhat

около 6 лет назад

repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.

CVE-2019-20387

CVSS3: 7.5

nvd

около 6 лет назад

repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.

CVE-2019-20387

CVSS3: 7.5

debian

около 6 лет назад

repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-ba ...

GHSA-vvx2-pj87-xmpx

CVSS3: 7.5

github

больше 3 лет назад

repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.

ELSA-2020-4508

oracle-oval

около 5 лет назад

ELSA-2020-4508: libsolv security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 46%

0.0023

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2019-20387

Описание

Пакет libsolv

Ссылки на источники

Связанные уязвимости