Libsolv
This hub aggregates every CVE we track for Libsolv, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systems | on-prem
CVEs tracked: 13
Critical: 0
High: 6
In CISA KEV: 0
Severity distribution: HIGH 6, MEDIUM 6, LOW 1
Monthly trend (chart, 2024-08 to 2026-07)
Latest CVEs
The 13 most recently published vulnerabilities affecting Libsolv.
- CVE-2026-48864: Libsolv: heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data (score: 7.8)
- CVE-2026-9149: Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file (score: 6.5)
- CVE-2026-9150: Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums (score: 6.5)
- CVE-2021-44568: Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv through 13 Dec 2020 in the decisionmap variable via the resolve_dependencies function at src/solver.c (line 1940 & line 1995), wh... (score: 6.5)
- CVE-2021-33938: Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. (score: 7.5)
- CVE-2021-33930: Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. (score: 7.5)
- CVE-2021-33929: Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. (score: 7.5)
- CVE-2021-33928: Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. (score: 7.5)
- CVE-2021-3200: Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase... (score: 3.3)
- CVE-2019-20387: repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema. (score: 7.5)
- CVE-2018-20533: There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. (score: 6.5)
- CVE-2018-20532: There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. (score: 6.5)
- CVE-2018-20534: There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects... (score: 6.5)
Product normalization is registry-driven with AI assist and human review.