CVSSv3: 7.5

CVE-2020-29363

Published: 16/12/2020 Updated: 12/05/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in p11-kit 0.23.6 up to and including 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.

Vulnerable Products

p11-kit project: p11-kit

Debian: Debian Linux 10.0

Oracle: Communications Cloud Native Core Policy 1.14.0

Vendor Advisories

David Cook reported several memory safety issues affecting the RPC protocol in p11-kit, a library providing a way to load and enumerate PKCS#11 modules. For the stable distribution (buster), these problems have been fixed in version 0.23.15-2+deb10u1. We recommend that you upgrade your p11-kit packages. For the detailed security status of p11-kit p ...
Synopsis: Moderate: Migration Toolkit for Containers (MTC) 1.7.3 security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: The Migration Toolkit for Containers (MTC) 1.7.3 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis: Moderate: OpenShift Container Platform 4.10.3 security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Container Platform release 4.10.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis: Important: Service Telemetry Framework 1.4 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which g ...
An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc (CVE-2020-29361). An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer o ...
A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library in versions 0.23.6 up to 0.23.21. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value ...

Github Repositories

Wrap Anchore Grype Inside Docker

docker-grype: Wrap Anchore Grype Inside Docker and Provide Allowed List Functionality. Environment Variables: ADD_CPES_IF_NONE (optional): If set to 1, set the --add-cpes-if-none flag when running the Grype command. By default, this flag will not be set. BY_CVE (optional): If set to 1, set the --by-cve flag when running the Grype command. This will orient results by CVE instead of