| CVE-2021-43396 |
Medium |
Yes |
Incorrect calculation |
In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted... |
| CVE-2021-35942 |
Medium |
Yes |
Information disclosure |
The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with... |
| CVE-2021-33574 |
Low |
No |
Arbitrary code execution |
The mq_notify function in the GNU C Library (aka glibc) through 2.33 has a use-after-free. It may use the notification thread attributes object (passed... |
| CVE-2021-27645 |
Low |
Yes |
Denial of service |
The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash... |
| CVE-2021-3999 |
High |
No |
Arbitrary code execution |
A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A... |
| CVE-2021-3998 |
High |
No |
Information disclosure |
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of... |