Lucene search
FedoraCVELIST:CVE-2021-42523HistoryAug 25, 2022 - 5:27 p.m.
CVE-2021-42523
2022-08-2517:27:21
CWE-200
fedora
www.cve.org
3
cve-2021-42523
colord
cd-device-db.c
cd-profile-db.c
sqlite3_exec
libxml2
There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the ‘err_msg’ of ‘sqlite3_exec’ is not releasing after use, while libxml2 emphasizes that the caller needs to release it.
CNA Affected
[
{
"product": "colord",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "colord - 1.4.4, 1.4.5"
}
]
}
]References
Related
cbl_mariner
cbl_mariner
CVE-2021-42523 affecting package colord for versions less than 1.4.4-9
2022-09-16 06:05:32
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0366)
2022-10-10 00:00:00
Huawei EulerOS: Security Advisory for colord (EulerOS-SA-2023-2186)
2023-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3496-1)
2022-10-05 00:00:00
mageia
mageia
Updated colord packages fix security vulnerability
2022-10-08 23:22:22
nessus
nessus
EulerOS 2.0 SP10 : colord (EulerOS-SA-2022-2676)
2022-11-02 00:00:00
EulerOS Virtualization 3.0.2.0 : colord (EulerOS-SA-2023-1747)
2023-05-07 00:00:00
EulerOS 2.0 SP5 : compat-colord10 (EulerOS-SA-2023-1493)
2023-03-08 00:00:00
osv
osv
colord-1.4.6-2.1 on GA media
2024-06-15 00:00:00
CVE-2021-42523
2022-08-25 18:15:09
prion
prion
Information disclosure
2022-08-25 18:15:00
nvd
nvd
CVE-2021-42523
2022-08-25 18:15:09
debiancve
debiancve
CVE-2021-42523
2022-08-25 18:15:09
redhatcve
redhatcve
CVE-2021-42523
2022-10-13 14:59:32
ubuntucve
ubuntucve
CVE-2021-42523
2022-08-25 00:00:00
suse
suse
Security update for colord (moderate)
2022-10-04 00:00:00
cve
cve
CVE-2021-42523
2022-08-25 18:15:09
veracode
veracode
Information Disclosure
2022-09-05 03:56:39