ID

VAR-202102-1093


CVE

CVE-2021-27219


TITLE

GNOME Glib Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202102-1181

DESCRIPTION

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. Currently there is no information about this vulnerability. Please keep an eye on CNNVD or manufacturer announcements. Summary: Red Hat Advanced Cluster Management for Kubernetes 2.3.0 General Availability release images, which fix several bugs and security issues. Description: Red Hat Advanced Cluster Management for Kubernetes 2.3.0 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release: https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana gement_for_kubernetes/2.3/html/release_notes/ Security: * fastify-reply-from: crafted URL allows prefix scape of the proxied backend service (CVE-2021-21321) * fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service (CVE-2021-21322) * nodejs-netmask: improper input validation of octal input data (CVE-2021-28918) * redis: Integer overflow via STRALGO LCS command (CVE-2021-29477) * redis: Integer overflow via COPY command for large intsets (CVE-2021-29478) * nodejs-glob-parent: Regular expression denial of service (CVE-2020-28469) * nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500) * golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing - -u- extension (CVE-2020-28851) * golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852) * nodejs-ansi_up: XSS due to insufficient URL sanitization (CVE-2021-3377) * oras: zip-slip vulnerability via oras-pull (CVE-2021-21272) * redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms (CVE-2021-21309) * nodejs-lodash: command injection via template (CVE-2021-23337) * nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() (CVE-2021-23362) * browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) (CVE-2021-23364) * nodejs-postcss: Regular expression denial of service during source map parsing (CVE-2021-23368) * nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option (CVE-2021-23369) * nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js (CVE-2021-23382) * nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option (CVE-2021-23383) * openssl: integer overflow in CipherUpdate (CVE-2021-23840) * openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841) * nodejs-ua-parser-js: ReDoS via malicious User-Agent header (CVE-2021-27292) * grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call (CVE-2021-27358) * nodejs-is-svg: ReDoS via malicious string (CVE-2021-28092) * nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character (CVE-2021-29418) * ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482) * normalize-url: ReDoS for data URLs (CVE-2021-33502) * nodejs-trim-newlines: ReDoS in .end() method (CVE-2021-33623) * nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343) * html-parse-stringify: Regular Expression DoS (CVE-2021-23346) * openssl: incorrect SSLv2 rollback protection (CVE-2021-23839) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References section. Bugs: * RFE Make the source code for the endpoint-metrics-operator public (BZ# 1913444) * cluster became offline after apiserver health check (BZ# 1942589) 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1913333 - CVE-2020-28851 golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension 1913338 - CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag 1913444 - RFE Make the source code for the endpoint-metrics-operator public 1921286 - CVE-2021-21272 oras: zip-slip vulnerability via oras-pull 1927520 - RHACM 2.3.0 images 1928937 - CVE-2021-23337 nodejs-lodash: command injection via template 1928954 - CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions 1930294 - CVE-2021-23839 openssl: incorrect SSLv2 rollback protection 1930310 - CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 1930324 - CVE-2021-23840 openssl: integer overflow in CipherUpdate 1932634 - CVE-2021-21309 redis: integer overflow when configurable limit for maximum supported bulk input size is too big on 32-bit platforms 1936427 - CVE-2021-3377 nodejs-ansi_up: XSS due to insufficient URL sanitization 1939103 - CVE-2021-28092 nodejs-is-svg: ReDoS via malicious string 1940196 - View Resource YAML option shows 404 error when reviewing a Subscription for an application 1940613 - CVE-2021-27292 nodejs-ua-parser-js: ReDoS via malicious User-Agent header 1941024 - CVE-2021-27358 grafana: snapshot feature allow an unauthenticated remote attacker to trigger a DoS via a remote API call 1941675 - CVE-2021-23346 html-parse-stringify: Regular Expression DoS 1942178 - CVE-2021-21321 fastify-reply-from: crafted URL allows prefix scape of the proxied backend service 1942182 - CVE-2021-21322 fastify-http-proxy: crafted URL allows prefix scape of the proxied backend service 1942589 - cluster became offline after apiserver health check 1943208 - CVE-2021-23362 nodejs-hosted-git-info: Regular Expression denial of service via shortcutMatch in fromUrl() 1944822 - CVE-2021-29418 nodejs-netmask: incorrectly parses an IP address that has octal integer with invalid character 1944827 - CVE-2021-28918 nodejs-netmask: improper input validation of octal input data 1945459 - CVE-2020-28469 nodejs-glob-parent: Regular expression denial of service 1948761 - CVE-2021-23369 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option 1948763 - CVE-2021-23368 nodejs-postcss: Regular expression denial of service during source map parsing 1954150 - CVE-2021-23382 nodejs-postcss: ReDoS via getAnnotationURL() and loadAnnotation() in lib/previous-map.js 1954368 - CVE-2021-29482 ulikunitz/xz: Infinite loop in readUvarint allows for denial of service 1955619 - CVE-2021-23364 browserslist: parsing of invalid queries could result in Regular Expression Denial of Service (ReDoS) 1956688 - CVE-2021-23383 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option 1956818 - CVE-2021-23343 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe 1957410 - CVE-2021-29477 redis: Integer overflow via STRALGO LCS command 1957414 - CVE-2021-29478 redis: Integer overflow via COPY command for large intsets 1964461 - CVE-2021-33502 normalize-url: ReDoS for data URLs 1966615 - CVE-2021-33623 nodejs-trim-newlines: ReDoS in .end() method 1968122 - clusterdeployment fails because hiveadmission sc does not have correct permissions 1972703 - Subctl fails to join cluster, since it cannot auto-generate a valid cluster id 1983131 - Defragmenting an etcd member doesn't reduce the DB size (7.5GB) on a setup with ~1000 spoke clusters 5. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202107-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: GLib: Multiple vulnerabilities Date: July 07, 2021 Bugs: #768753, #775632 ID: 202107-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in GLib, the worst of which could result in the arbitrary execution of code. Background ========== GLib is a library providing a number of GNOME's core objects and functions. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/glib < 2.66.8 >= 2.66.8 Description =========== Multiple vulnerabilities have been discovered in GLib. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All GLib users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/glib-2.66.8" References ========== [ 1 ] CVE-2021-27218 https://nvd.nist.gov/vuln/detail/CVE-2021-27218 [ 2 ] CVE-2021-27219 https://nvd.nist.gov/vuln/detail/CVE-2021-27219 [ 3 ] CVE-2021-28153 https://nvd.nist.gov/vuln/detail/CVE-2021-28153 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202107-13 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . 8.2) - aarch64, ppc64le, s390x, x86_64 3. 7.4) - x86_64 3. 7.7) - noarch, ppc64, ppc64le, s390x, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: glib2 security update Advisory ID: RHSA-2021:2147-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2147 Issue date: 2021-05-31 CVE Names: CVE-2021-27219 ==================================================================== 1. Summary: An update for glib2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm ppc64: glib2-2.56.1-9.el7_9.ppc.rpm glib2-2.56.1-9.el7_9.ppc64.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64.rpm glib2-devel-2.56.1-9.el7_9.ppc.rpm glib2-devel-2.56.1-9.el7_9.ppc64.rpm ppc64le: glib2-2.56.1-9.el7_9.ppc64le.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64le.rpm glib2-devel-2.56.1-9.el7_9.ppc64le.rpm s390x: glib2-2.56.1-9.el7_9.s390.rpm glib2-2.56.1-9.el7_9.s390x.rpm glib2-debuginfo-2.56.1-9.el7_9.s390.rpm glib2-debuginfo-2.56.1-9.el7_9.s390x.rpm glib2-devel-2.56.1-9.el7_9.s390.rpm glib2-devel-2.56.1-9.el7_9.s390x.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm ppc64: glib2-debuginfo-2.56.1-9.el7_9.ppc.rpm glib2-debuginfo-2.56.1-9.el7_9.ppc64.rpm glib2-fam-2.56.1-9.el7_9.ppc64.rpm glib2-static-2.56.1-9.el7_9.ppc.rpm glib2-static-2.56.1-9.el7_9.ppc64.rpm glib2-tests-2.56.1-9.el7_9.ppc64.rpm ppc64le: glib2-debuginfo-2.56.1-9.el7_9.ppc64le.rpm glib2-fam-2.56.1-9.el7_9.ppc64le.rpm glib2-static-2.56.1-9.el7_9.ppc64le.rpm glib2-tests-2.56.1-9.el7_9.ppc64le.rpm s390x: glib2-debuginfo-2.56.1-9.el7_9.s390.rpm glib2-debuginfo-2.56.1-9.el7_9.s390x.rpm glib2-fam-2.56.1-9.el7_9.s390x.rpm glib2-static-2.56.1-9.el7_9.s390.rpm glib2-static-2.56.1-9.el7_9.s390x.rpm glib2-tests-2.56.1-9.el7_9.s390x.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: glib2-2.56.1-9.el7_9.src.rpm x86_64: glib2-2.56.1-9.el7_9.i686.rpm glib2-2.56.1-9.el7_9.x86_64.rpm glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-devel-2.56.1-9.el7_9.i686.rpm glib2-devel-2.56.1-9.el7_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: glib2-doc-2.56.1-9.el7_9.noarch.rpm x86_64: glib2-debuginfo-2.56.1-9.el7_9.i686.rpm glib2-debuginfo-2.56.1-9.el7_9.x86_64.rpm glib2-fam-2.56.1-9.el7_9.x86_64.rpm glib2-static-2.56.1-9.el7_9.i686.rpm glib2-static-2.56.1-9.el7_9.x86_64.rpm glib2-tests-2.56.1-9.el7_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-27219 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYLS3ctzjgjWX9erEAQi/oBAAk7Y1nA3n84Zz7y/KwwhHGlbTLc0NXn4c nRQUpxJuScuvefAmM+Z73qxqxdM+hBQfDoodATPeTgYT7mYFnN3n+dTrv7Sg1kks aU9Q6d7HdRnk4mhOK3blYI8Ln5LYkcRcqmpyZ8sN14Cqffc+o5VEIwT6hht9/iZL UJQDhdbWT/EDXcZ7iV+1ahicKczm/XEZVkC8zAa9rcQlJ3JJ36gmMuCvmYbS4TOb 8UKNb2hpjkk9laGC5BWG8dnpzrdQnUXmd39n7rltLiIxoQeq3UWo44UCV7XZFcVT eoEt5o3no3+mlIcYto6u5lgfq83D/bI6OuRVRm3BaAp5lBNqPU6dzv2sxtWbKizR vIlmBmoWvYXbNxwkGZeQ5ZU3TTumCUOqIvT5KFIdurWPeknb9zD4Xt8JIuWNXwbV 1mv5jnAz8+v8LX2hQpUh2QPEpTi6GKDWhTE2w+Ulh4s0SCTICc8pjdyNx+PljDDx HyWwPu7veac0fewc+VHZzsTqrKFnH46+A6LIv2bySioa0oomxxWZrSg5BBx+tQXn ND/TjXaFnmrHVyDP7zD0PPBR13PlN8o++LK6oIADSrruc/1FPC7veEqFjMyHwemG nJyp479dwq4M7kpBgd9VfFTVjluCxYsA7FDwP+6q3k+ZJR6S0Dm5pXail/S1gPpw qTmrr3x9NbI=Nn9w -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Solution: For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update: https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel ease-notes.html For Red Hat OpenShift Logging 5.0, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-u pgrading.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1921650 - CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation 5. Description: The OpenShift Container Storage solution provides persistent storage service for OpenShift Containers and OpenShift Infrastructure services. Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1957321 - Respin the rhgs-server-container container to include latest glusterfs rpm for RHGS 3.5.5 1958341 - CVE-2021-31525 golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header 1987163 - respin volmanager to include latest heketi rpm 5

Trust: 1.8

sources: NVD: CVE-2021-27219 // VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // PACKETSTORM: 163747 // PACKETSTORM: 163426 // PACKETSTORM: 162889 // PACKETSTORM: 162892 // PACKETSTORM: 162895 // PACKETSTORM: 162869 // PACKETSTORM: 163133 // PACKETSTORM: 164452

AFFECTED PRODUCTS

vendor:fedoraprojectmodel:fedorascope:eqversion:34

Trust: 1.0

vendor:broadcommodel:brocade fabric operating systemscope:eqversion: -

Trust: 1.0

vendor:gnomemodel:glibscope:ltversion:2.66.6

Trust: 1.0

vendor:gnomemodel:glibscope:gteversion:2.67.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:gnomemodel:glibscope:ltversion:2.67.3

Trust: 1.0

vendor:netappmodel:e-series performance analyzerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:33

Trust: 1.0

sources: NVD: CVE-2021-27219

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-27219
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202102-1181
value: HIGH

Trust: 0.6

VULHUB: VHN-386440
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-27219
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-27219
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-386440
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-27219
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // CNNVD: CNNVD-202102-1181 // NVD: CVE-2021-27219

PROBLEMTYPE DATA

problemtype:CWE-681

Trust: 1.1

sources: VULHUB: VHN-386440 // NVD: CVE-2021-27219

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202102-1181

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202102-1181

PATCH

title:GNOME Glib Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=142631

Trust: 0.6

title:Amazon Linux AMI: ALAS-2021-1526url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1526

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1655url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1655

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-27219 log

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2021-27219

Trust: 0.1

title: - url:https://github.com/vincent-deng/veracode-container-security-finding-parser

Trust: 0.1

sources: VULMON: CVE-2021-27219 // CNNVD: CNNVD-202102-1181

EXTERNAL IDS

db:NVDid:CVE-2021-27219

Trust: 2.6

db:PACKETSTORMid:163133

Trust: 0.8

db:PACKETSTORMid:163426

Trust: 0.8

db:PACKETSTORMid:162869

Trust: 0.8

db:PACKETSTORMid:164856

Trust: 0.7

db:PACKETSTORMid:161714

Trust: 0.7

db:PACKETSTORMid:162884

Trust: 0.7

db:PACKETSTORMid:163496

Trust: 0.7

db:PACKETSTORMid:163149

Trust: 0.7

db:PACKETSTORMid:163267

Trust: 0.7

db:PACKETSTORMid:162929

Trust: 0.7

db:PACKETSTORMid:164452

Trust: 0.7

db:AUSCERTid:ESB-2021.0896

Trust: 0.6

db:AUSCERTid:ESB-2021.3340

Trust: 0.6

db:AUSCERTid:ESB-2021.4083

Trust: 0.6

db:AUSCERTid:ESB-2021.0818

Trust: 0.6

db:AUSCERTid:ESB-2021.3019

Trust: 0.6

db:AUSCERTid:ESB-2021.2180

Trust: 0.6

db:AUSCERTid:ESB-2021.2711

Trust: 0.6

db:AUSCERTid:ESB-2022.2809

Trust: 0.6

db:AUSCERTid:ESB-2021.1922

Trust: 0.6

db:AUSCERTid:ESB-2021.2131

Trust: 0.6

db:AUSCERTid:ESB-2021.2365

Trust: 0.6

db:AUSCERTid:ESB-2021.3744

Trust: 0.6

db:AUSCERTid:ESB-2021.1856

Trust: 0.6

db:AUSCERTid:ESB-2021.2657

Trust: 0.6

db:AUSCERTid:ESB-2021.0994

Trust: 0.6

db:AUSCERTid:ESB-2021.0917

Trust: 0.6

db:AUSCERTid:ESB-2021.2228

Trust: 0.6

db:AUSCERTid:ESB-2021.2123

Trust: 0.6

db:CS-HELPid:SB2021070711

Trust: 0.6

db:CS-HELPid:SB2021060225

Trust: 0.6

db:CS-HELPid:SB2021062703

Trust: 0.6

db:CS-HELPid:SB2021053117

Trust: 0.6

db:CS-HELPid:SB2021090833

Trust: 0.6

db:CS-HELPid:SB2022011038

Trust: 0.6

db:CS-HELPid:SB2021111130

Trust: 0.6

db:CS-HELPid:SB2021071516

Trust: 0.6

db:CS-HELPid:SB2021061422

Trust: 0.6

db:CS-HELPid:SB2021122914

Trust: 0.6

db:CS-HELPid:SB2021092220

Trust: 0.6

db:CS-HELPid:SB2021062315

Trust: 0.6

db:CNNVDid:CNNVD-202102-1181

Trust: 0.6

db:PACKETSTORMid:162892

Trust: 0.2

db:PACKETSTORMid:162895

Trust: 0.2

db:PACKETSTORMid:162889

Trust: 0.2

db:PACKETSTORMid:163191

Trust: 0.1

db:PACKETSTORMid:163257

Trust: 0.1

db:PACKETSTORMid:162932

Trust: 0.1

db:PACKETSTORMid:162893

Trust: 0.1

db:PACKETSTORMid:163240

Trust: 0.1

db:PACKETSTORMid:162888

Trust: 0.1

db:PACKETSTORMid:163242

Trust: 0.1

db:VULHUBid:VHN-386440

Trust: 0.1

db:VULMONid:CVE-2021-27219

Trust: 0.1

db:PACKETSTORMid:163747

Trust: 0.1

sources: VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // PACKETSTORM: 163747 // PACKETSTORM: 163426 // PACKETSTORM: 162889 // PACKETSTORM: 162892 // PACKETSTORM: 162895 // PACKETSTORM: 162869 // PACKETSTORM: 163133 // PACKETSTORM: 164452 // CNNVD: CNNVD-202102-1181 // NVD: CVE-2021-27219

REFERENCES

url:https://security.gentoo.org/glsa/202107-13

Trust: 1.9

url:https://security.netapp.com/advisory/ntap-20210319-0004/

Trust: 1.8

url:https://gitlab.gnome.org/gnome/glib/-/issues/2319

Trust: 1.8

url:https://lists.debian.org/debian-lts-announce/2022/06/msg00006.html

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-27219

Trust: 1.3

url:https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3cdev.mina.apache.org%3e

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2rea7rvkn7zhrljoegbrqkjipzqpaelz/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jjmpndo4gdvuryqfykfowy5haf4ftepn/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jjmpndo4gdvuryqfykfowy5haf4ftepn/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2rea7rvkn7zhrljoegbrqkjipzqpaelz/

Trust: 0.7

url:https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3cdev.mina.apache.org%3e

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2021-27219

Trust: 0.7

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.7

url:https://bugzilla.redhat.com/):

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.7

url:https://www.auscert.org.au/bulletins/esb-2021.0818

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0917

Trust: 0.6

url:https://packetstormsecurity.com/files/162869/red-hat-security-advisory-2021-2147-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021111130

Trust: 0.6

url:https://packetstormsecurity.com/files/163149/red-hat-security-advisory-2021-2286-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162884/red-hat-security-advisory-2021-2172-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2657

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0994

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2711

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2809

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0896

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3744

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1922

Trust: 0.6

url:https://packetstormsecurity.com/files/163426/gentoo-linux-security-advisory-202107-13.html

Trust: 0.6

url:https://packetstormsecurity.com/files/163133/red-hat-security-advisory-2021-2374-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2123

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021070711

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2365

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2180

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021060225

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021122914

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4083

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6520674

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021053117

Trust: 0.6

url:https://packetstormsecurity.com/files/163496/red-hat-security-advisory-2021-2705-01.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6526532

Trust: 0.6

url:https://vigilance.fr/vulnerability/gnome-glib-integer-overflow-via-g-bytes-new-34776

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2228

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062703

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021092220

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3019

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-glibc-vulnerability-affects-ibm-elastic-storage-system-cve-2021-27219/

Trust: 0.6

url:https://packetstormsecurity.com/files/161714/ubuntu-security-notice-usn-4759-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1856

Trust: 0.6

url:https://packetstormsecurity.com/files/163267/red-hat-security-advisory-2021-2532-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022011038

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2131

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3340

Trust: 0.6

url:https://packetstormsecurity.com/files/164452/red-hat-security-advisory-2021-3748-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021061422

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021071516

Trust: 0.6

url:https://packetstormsecurity.com/files/162929/red-hat-security-advisory-2021-2203-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062315

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021090833

Trust: 0.6

url:https://packetstormsecurity.com/files/164856/red-hat-security-advisory-2021-4526-03.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6518308

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.5

url:https://access.redhat.com/articles/11258

Trust: 0.5

url:https://access.redhat.com/security/team/key/

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/681.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2021-27219

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://alas.aws.amazon.com/alas-2021-1526.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20454

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28469

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28500

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20934

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8286

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28196

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20305

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15358

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29418

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15358

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28852

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13050

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-14502

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33034

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27618

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28092

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3520

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13434

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3537

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28851

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-1730

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8231

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33909

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29482

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3518

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23337

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-32399

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29362

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27358

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19906

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23369

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13050

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3516

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21321

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23368

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13434

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-14502

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8285

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11668

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-10228

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9169

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23362

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23364

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23343

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25013

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3449

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21309

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33502

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23841

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28196

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29361

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23383

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28918

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3517

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28851

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3560

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28852

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23840

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33033

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-1000858

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14889

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1730

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3541

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13627

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-1000858

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20934

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25217

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28469

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3016

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3377

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20271

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9169

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3326

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20454

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3450

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25013

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28500

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-2708

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21272

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29477

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-27292

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29478

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8927

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11668

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23839

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19906

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33623

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21322

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2708

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-10228

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23382

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13627

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14889

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8284

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33910

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29361

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27618

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-28153

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-27218

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2171

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2174

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2175

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2147

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3121

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-u

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2374

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3121

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3748

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25692

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25692

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3114

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-31525

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25648

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31525

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3114

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25648

Trust: 0.1

sources: VULHUB: VHN-386440 // VULMON: CVE-2021-27219 // PACKETSTORM: 163747 // PACKETSTORM: 163426 // PACKETSTORM: 162889 // PACKETSTORM: 162892 // PACKETSTORM: 162895 // PACKETSTORM: 162869 // PACKETSTORM: 163133 // PACKETSTORM: 164452 // CNNVD: CNNVD-202102-1181 // NVD: CVE-2021-27219

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 163747 // PACKETSTORM: 162889 // PACKETSTORM: 162892 // PACKETSTORM: 162895 // PACKETSTORM: 162869 // PACKETSTORM: 163133 // PACKETSTORM: 164452

SOURCES

db:VULHUBid:VHN-386440
db:VULMONid:CVE-2021-27219
db:PACKETSTORMid:163747
db:PACKETSTORMid:163426
db:PACKETSTORMid:162889
db:PACKETSTORMid:162892
db:PACKETSTORMid:162895
db:PACKETSTORMid:162869
db:PACKETSTORMid:163133
db:PACKETSTORMid:164452
db:CNNVDid:CNNVD-202102-1181
db:NVDid:CVE-2021-27219

LAST UPDATE DATE

2026-07-11T21:56:55.008000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-386440date:2022-12-07T00:00:00
db:VULMONid:CVE-2021-27219date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202102-1181date:2022-06-08T00:00:00
db:NVDid:CVE-2021-27219date:2026-06-17T03:44:29.427

SOURCES RELEASE DATE

db:VULHUBid:VHN-386440date:2021-02-15T00:00:00
db:VULMONid:CVE-2021-27219date:2021-02-15T00:00:00
db:PACKETSTORMid:163747date:2021-08-06T14:02:37
db:PACKETSTORMid:163426date:2021-07-07T16:09:05
db:PACKETSTORMid:162889date:2021-06-01T15:11:50
db:PACKETSTORMid:162892date:2021-06-01T15:13:12
db:PACKETSTORMid:162895date:2021-06-01T15:14:05
db:PACKETSTORMid:162869date:2021-05-31T14:23:53
db:PACKETSTORMid:163133date:2021-06-14T15:54:54
db:PACKETSTORMid:164452date:2021-10-08T15:35:28
db:CNNVDid:CNNVD-202102-1181date:2021-02-15T00:00:00
db:NVDid:CVE-2021-27219date:2021-02-15T17:15:13.137