7.5
CVE-2021-3326
- EPSS 0.23%
- Veröffentlicht 27.01.2021 20:15:14
- Zuletzt bearbeitet 09.06.2025 16:15:32
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Netapp ≫ E-series Santricity Os Controller Version >= 11.0 <= 11.60.3
Netapp ≫ Ontap Select Deploy Administration Utility Version-
Fujitsu ≫ M10-1 Firmware Version < xcp2410
Fujitsu ≫ M10-4 Firmware Version < xcp2410
Fujitsu ≫ M10-4s Firmware Version < xcp2410
Fujitsu ≫ M12-1 Firmware Version < xcp2410
Fujitsu ≫ M12-2 Firmware Version < xcp2410
Fujitsu ≫ M12-2 Firmware Version < xcp2410
Fujitsu ≫ M12-2s Firmware Version < xcp2410
Fujitsu ≫ M10-1 Firmware Version < xcp3110
Fujitsu ≫ M10-4 Firmware Version < xcp3110
Fujitsu ≫ M10-4s Firmware Version < xcp3110
Fujitsu ≫ M12-1 Firmware Version < xcp3110
Fujitsu ≫ M12-2 Firmware Version < xcp3110
Fujitsu ≫ M12-2 Firmware Version < xcp3110
Fujitsu ≫ M12-2s Firmware Version < xcp3110
Debian ≫ Debian Linux Version10.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.451 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.