CVE-2021-20179

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-20179

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-20179.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-20179

Related

Published

2021-03-15T13:15:14Z

Modified

2024-09-18T03:12:06.982280Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.

References

Affected packages

Debian:11 / dogtag-pki

Package

Name: dogtag-pki
Purl: pkg:deb/debian/dogtag-pki?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

10.10.2-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/dogtagpki/pki

Affected ranges

Type: GIT
Repo: https://github.com/dogtagpki/pki
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

76eca860d5d87b78156d1478306e8efab0c2c9e1

Affected versions

Other

DOGTAG_10_0_0_ALPHA_FEDORA_16_17_20120314

DOGTAG_10_0_2_FEDORA_18_19_20130507

DOGTAG_10_1_0_BETA_20131111

DOGTAG_10_1_0_BETA_FEDORA_20_20131111

DOGTAG_10_1_0_GA_FEDORA_20_20131121

DOGTAG_10_2_0_ALPHA_FEDORA_21_20140909

DOGTAG_10_2_1_FEDORA_22_20150108

DOGTAG_10_2_20150808

DOGTAG_10_2_2_FEDORA_22_20150318

DOGTAG_10_2_3_FEDORA_22_20150423

DOGTAG_10_2_4_FEDORA_22_20150526

DOGTAG_10_2_5_FEDORA_22_20150619

DOGTAG_10_2_6_FEDORA_22_23_20150718

DOGTAG_10_3_0_FEDORA_24_20160516

DOGTAG_10_3_0_a1_FEDORA_24_ALPHA_20160307

DOGTAG_10_3_0_a2_FEDORA_24_ALPHA_20160407

DOGTAG_10_3_0_b1_FEDORA_24_BETA_20160418

DOGTAG_10_3_1_FEDORA_24_20160517

DOGTAG_10_3_2_FEDORA_24_20160607

DOGTAG_10_3_3_FEDORA_24_20160620

DOGTAG_10_3_4_FEDORA_24_20160705

DOGTAG_10_3_5_FEDORA_24_20160808

DOGTAG_10_4_8_FEDORA_27

DOGTAG_10_4_FEDORA_25_20170314

DOGTAG_10_4_FEDORA_27_20170331

DOGTAG_10_4_FEDORA_27_20170413

DOGTAG_10_4_FEDORA_27_20170501

DOGTAG_10_4_FEDORA_27_20170509

DOGTAG_10_4_FEDORA_27_20170522

DOGTAG_10_4_FEDORA_27_20170530

DOGTAG_10_4_FEDORA_27_20170605

DOGTAG_10_4_FEDORA_27_20170612

pki-core-10.*

pki-core-10.2.0-3

pki-core-10.2.1-0.1

v10.*

v10.0.2

v10.1.0

v10.2.0

v10.2.1

v10.2.2

v10.2.3

v10.2.4

v10.2.5

v10.2.6

v10.3.0

v10.3.1

v10.3.2

v10.3.3

v10.3.4

v10.3.5

v10.4.0

v10.4.1

v10.4.2

v10.4.3

v10.4.4

v10.4.5

v10.4.6

v10.4.7

v10.4.8