← back
CVE-2021-27343

CVE-2021-27343

EPSS 1.7%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
06 Apr 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
SerenityOS Unspecified is affected by: Buffer Overflow. The impact is: obtain sensitive information (context-dependent). The component is: /Userland/Libraries/LibCrypto/ASN1/DER.h Crypto::der_decode_sequence() function. The attack vector is: Parsing RSA Key ASN.1.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/SerenityOS/serenity/commit/48fbf6a88d4822a1e5470cf08f29464511bd72c1https://github.com/SerenityOS/serenity/issues/5317https://github.com/SerenityOS/serenity/pull/5344