- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.4els/CLSA-2022-1645466518.json
- JSON Data
-
https://api.osv.dev/v1/vulns/CLSA-2022-1645466518
- Upstream
- Published
- 2022-02-21T18:01:58Z
- Modified
- 2026-05-29T01:37:50.659005286Z
- Summary
-
Fix of CVE: CVE-2021-20284, CVE-2021-20197, CVE-2021-42574, CVE-2021-3487, CVE-2020-35448
- Details
-
- CVE-2021-42574: Developer environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks (#2009172)
- CVE-2021-20284: Heap-based buffer overflow in bfdelfslurpsecondaryrelocsection in elf.c (#1961526)
- CVE-2020-35448: Heap-based buffer overflow in bfdgetlsigned_32() in libbfd.c (#1953659)
- CVE-2021-3487: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section() (#1947134)
- CVE-2021-20197: Race window allows users to own arbitrary files (#1920642)
- References
-
Affected packages
CLSA-2022-1645466518 - OSV
