VulnerableCode Package Details - pkg:alpm/archlinux/krb5@1.21.3-1

Search for packages

Package details: pkg:alpm/archlinux/krb5@1.21.3-1

Essentials
History (6)

purl	pkg:alpm/archlinux/krb5@1.21.3-1

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-m67b-g9qg-aaam	In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.	CVE-2024-37370
VCID-wahm-6uhz-aaaj	In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.	CVE-2024-37371

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:20.278866+00:00	Arch Linux Importer	Fixing	VCID-m67b-g9qg-aaam	https://security.archlinux.org/AVG-2856	36.0.0
2025-03-28T07:46:20.259115+00:00	Arch Linux Importer	Fixing	VCID-wahm-6uhz-aaaj	https://security.archlinux.org/AVG-2856	36.0.0
2024-09-18T02:01:33.947186+00:00	Arch Linux Importer	Fixing	VCID-m67b-g9qg-aaam	https://security.archlinux.org/AVG-2856	34.0.1
2024-09-18T02:01:33.920619+00:00	Arch Linux Importer	Fixing	VCID-wahm-6uhz-aaaj	https://security.archlinux.org/AVG-2856	34.0.1
2024-07-06T22:27:37.451903+00:00	Arch Linux Importer	Fixing	VCID-m67b-g9qg-aaam	https://security.archlinux.org/AVG-2856	34.0.0rc4
2024-07-06T22:27:37.428295+00:00	Arch Linux Importer	Fixing	VCID-wahm-6uhz-aaaj	https://security.archlinux.org/AVG-2856	34.0.0rc4