CVE-2021-29629
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
28/05/2021
Last modified:
16/05/2022
Description
In FreeBSD 13.0-STABLE before n245765-bec0d2c9c841, 12.2-STABLE before r369859, 11.4-STABLE before r369866, 13.0-RELEASE before p1, 12.2-RELEASE before p7, and 11.4-RELEASE before p10, missing message validation in libradius(3) could allow malicious clients or servers to trigger denial of service in vulnerable servers or clients respectively.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:freebsd:freebsd:11.4:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:beta1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p3:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p4:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p5:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p6:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p7:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p8:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:p9:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:11.4:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:* | ||
| cpe:2.3:o:freebsd:freebsd:12.2:beta1-p1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page