Vulnerability Details CVE-2021-27343
SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information (context-dependent). The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function. The attack vector is: Parsing RSA Key ASN.1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/SerenityOS/serenity/commit/48fbf6a88d4822a1e5470cf08f29464511bd72c1
- https://github.com/SerenityOS/serenity/issues/5317
- https://github.com/SerenityOS/serenity/pull/5344
- https://github.com/SerenityOS/serenity/commit/48fbf6a88d4822a1e5470cf08f29464511bd72c1
- https://github.com/SerenityOS/serenity/issues/5317
- https://github.com/SerenityOS/serenity/pull/5344
Products affected by CVE-2021-27343
-
cpe:2.3:o:serenityos:serenityos:-