0.001 Low
EPSS
Percentile
48.2%
libsolv is vulnerable to denial of service. The vulnerability exists through the prune_to_recommended function in policy.c, allowing an attacker to crash the application via malicious input.
prune_to_recommended
policy.c
access.redhat.com/errata/RHSA-2021:4060
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=2000707
github.com/openSUSE/libsolv/issues/420