CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence: High
EPSS
Percentile: 89.4%
software: heimdal 7.8.0
WASP: ROSA-CHROME
package_evr_string: heimdal-7.8.0-1
CVE-ID: CVE-2021-44758
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: Heimdal allowed attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferred_mech_type of GSS_C_NO_OID and a non-zero initial_response value passed to send_accept.
CVE-STATUS: Fixed
CVE-REV: To fix, run the command: sudo dnf update heimdal
CVE-ID: CVE-2022-41916
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. It is vulnerable to a denial of service in Heimdal's PKI certificate validation library, affecting the KDC (via PKINIT) and kinit (via PKINIT), as well as any third-party applications that use Heimdal's libhx509. There are no known workarounds for this issue.
CVE-STATUS: Fixed
CVE-REV: To fix, run the command: sudo dnf update heimdal
CVE-ID: CVE-2022-42898
BDU-ID: 2022-06933
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the handling of PAC (Privileged Attribute Certificate) parameters by the krb5_parse_pac function in the Heimdal and MIT Kerberos packages, as used by the Samba networking software, is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.
CVE-STATUS: Resolved
CVE-REV: To fix, run the command: sudo dnf update heimdal
CVE-ID: CVE-2022-44640
BDU-ID: None
CVE-Crit: CRITICAL
CVE-DESC.: Heimdal allows remote attackers to execute arbitrary code because of an invalid free in the ASN.1 codec used by the Key Distribution Center (KDC).
CVE-STATUS: Fixed
CVE-REV: To fix, run the command: sudo dnf update heimdal