Opensuse

Libsolv

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.21%
  • Veröffentlicht 26.05.2026 16:16:07
  • Zuletzt bearbeitet 09.07.2026 16:16:41

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, ...

  • EPSS 0.29%
  • Veröffentlicht 20.05.2026 23:34:56
  • Zuletzt bearbeitet 27.06.2026 00:16:49

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a ...

  • EPSS 0.4%
  • Veröffentlicht 20.05.2026 23:16:36
  • Zuletzt bearbeitet 29.06.2026 17:16:30

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA51...

Exploit
  • EPSS 1.77%
  • Veröffentlicht 21.02.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:31:13

Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), which could cause a remote Denial of Service.

Exploit
  • EPSS 1.46%
  • Veröffentlicht 02.09.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:09:46

Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

Exploit
  • EPSS 1.44%
  • Veröffentlicht 02.09.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:09:47

Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

Exploit
  • EPSS 1.46%
  • Veröffentlicht 02.09.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:09:47

Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

Exploit
  • EPSS 1.42%
  • Veröffentlicht 02.09.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:09:47

Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

Exploit
  • EPSS 1.31%
  • Veröffentlicht 18.05.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:08

Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service

  • EPSS 2.34%
  • Veröffentlicht 21.01.2020 23:15:13
  • Zuletzt bearbeitet 21.11.2024 04:38:21

repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.