OpenSuse Libsolv
By the Year
In 2024 there have been 0 vulnerabilities in OpenSuse Libsolv . Libsolv did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 6.50 |
2021 | 5 | 6.66 |
2020 | 1 | 7.50 |
2019 | 0 | 0.00 |
2018 | 3 | 6.50 |
It may take a day or so for new Libsolv vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent OpenSuse Libsolv Security Vulnerabilities
Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable
CVE-2021-44568
6.5 - Medium
- February 21, 2022
Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service.
Memory Corruption
Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17
CVE-2021-33938
7.5 - High
- September 02, 2021
Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
Memory Corruption
Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17
CVE-2021-33930
7.5 - High
- September 02, 2021
Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
Memory Corruption
Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17
CVE-2021-33929
7.5 - High
- September 02, 2021
Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
Memory Corruption
Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17
CVE-2021-33928
7.5 - High
- September 02, 2021
Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.
Memory Corruption
Buffer overflow vulnerability in libsolv 2020-12-13
CVE-2021-3200
3.3 - Low
- May 18, 2021
Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service
Classic Buffer Overflow
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read
CVE-2019-20387
7.5 - High
- January 21, 2020
repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
Out-of-bounds Read
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2
CVE-2018-20532
6.5 - Medium
- December 28, 2018
There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
NULL Pointer Dereference
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2
CVE-2018-20533
6.5 - Medium
- December 28, 2018
There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.
NULL Pointer Dereference
There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service
CVE-2018-20534
6.5 - Medium
- December 28, 2018
There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application
Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by OpenSuse? Click the Watch button to subscribe.