Opensuse: >> Libsolv >> 0.7.9 Security Vulnerabilities
Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-02-21
Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-09-02
Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-09-02
Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-09-02
Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
CVSS Score
7.5
EPSS Score
0.0
Published
2021-09-02
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service
CVSS Score
3.3
EPSS Score
0.0
Published
2021-05-18