repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
Advisories
Source ID Title
Debian DLA Debian DLA DLA-2088-1 libsolv security update
EUVD EUVD EUVD-2019-10939 repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00721}

epss

{'score': 0.0121}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T02:39:09.650Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2019-20387

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-01-21T23:15:13.443

Modified: 2024-11-21T04:38:21.740

Link: CVE-2019-20387

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-01-21T00:00:00Z

Links: CVE-2019-20387 - Bugzilla

cve-icon OpenCVE Enrichment

No data.