Lucene search

Gentoo FoundationMGASA-2021-0363

HistoryJul 21, 2021 - 3:18 p.m.

Updated perl-Convert-ASN1 package fixes security vulnerability

2021-07-2115:18:13

Gentoo Foundation

advisories.mageia.org

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.009 Low

EPSS

Percentile

83.2%

JSON

perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input (CVE-2013-7488).

OSVersionArchitecturePackageVersionFilename
Mageia8noarchperl-convert-asn1< 0.310.0-1perl-Convert-ASN1-0.310.0-1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	perl-convert-asn1	< 0.310.0-1	perl-Convert-ASN1-0.310.0-1.mga8

References

bugs.mageia.org/show_bug.cgi?id=27710

lists.fedoraproject.org/archives/list/[email protected]/thread/ONNQSW4SSKMG5RUEFZJZA5T5R2WXEGQF/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for MGASA-2021-0363