[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2021-0041":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":20,"duplicates":21,"related":22,"reserved_at":9,"published_at":26,"modified_at":27,"state":9,"summary":28,"references_raw":30,"kevs":63,"epss":9,"epss_history":64,"metrics":65,"affected":66},"MGASA-2021-0041","Updated p11-kit packages fix security vulnerabilities\n\nMultiple integer overflows have been discovered in the array allocations in\nthe p11-kit library and the p11-kit list command, where overflow checks are\nmissing before calling realloc or calloc (CVE-2020-29361).\n\nA heap-based buffer over-read has been discovered in the RPC protocol used by\nthe p11-kit server/remote commands and the client library. When the remote\nentity supplies a byte array through a serialized PKCS#11 function call, the\nreceiving entity may allow the reading of up to 4 bytes of memory past the\nheap allocation (CVE-2020-29362).\n\nA heap-based buffer overflow has been discovered in the RPC protocol used by\np11-kit server/remote commands and the client library. When the remote entity\nsupplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may\nnot allocate sufficient length for the buffer to store the deserialized value\n(CVE-2020-29363).\n",null,[],[],[],[14,16,18],{"_key":15},"CVE-2020-29361",{"_key":17},"CVE-2020-29362",{"_key":19},"CVE-2020-29363",[],[],[23,24,25],{"_key":15},{"_key":17},{"_key":19},"2021-01-17T16:07:01Z","2026-04-16T04:25:10.455921Z",{"cisa_kev":29,"cisa_ransomware":29,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[31,37,42,46,50,54,59],{"url":32,"sources":33,"tags":35},"https://advisories.mageia.org/MGASA-2021-0041.html",[34],"osv_mageia",[36],"Advisory",{"url":38,"sources":39,"tags":40},"https://bugs.mageia.org/show_bug.cgi?id=27853",[34],[41],"REPORT",{"url":43,"sources":44,"tags":45},"https://github.com/p11-glue/p11-kit/security/advisories/GHSA-q4r3-hm6m-mvc2",[34],[41,36],{"url":47,"sources":48,"tags":49},"https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5wpq-43j2-6qwc",[34],[41,36],{"url":51,"sources":52,"tags":53},"https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x",[34],[41,36],{"url":55,"sources":56,"tags":57},"https://github.com/p11-glue/p11-kit/releases/tag/0.23.22",[34],[41,58],"WEB",{"url":60,"sources":61,"tags":62},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4D5CLBYQ6GQU5KRRIBTSC4AOKNPX2JPE/",[34],[41,58],[],[],[],[67],{"ecosystem":68,"name":69,"vendor":70,"product":69,"cpe_part":9,"purl_type":71,"purl_namespace":70,"purl_name":69,"source":9,"versions":72},"Mageia","p11-kit","mageia","rpm",[73],{"version":74,"is_range":75,"range_type":76,"version_start":9,"version_start_type":9,"version_end":77,"version_end_type":78,"fixed_in":9},"lt0_23_22_1_mga7",true,"ecosystem","0.23.22-1.mga7","excluding"]