[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2023:0019-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":28,"duplicates":29,"related":30,"reserved_at":9,"published_at":38,"modified_at":39,"state":9,"summary":40,"references_raw":42,"kevs":79,"epss":9,"epss_history":80,"metrics":81,"affected":82},"OPENSUSE-SU-2023:0019-1","Security update for libheimdal\n\nThis update for libheimdal fixes the following issues:\n\nUpdate to version 7.8.0\n\n- CVE-2022-42898 PAC parse integer overflows\n- CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour\n- CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array\n- CVE-2021-44758 A null pointer de-reference DoS in SPNEGO acceptors\n- CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ\n- CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec\n- CVE-2019-14870: Validate client attributes in protocol-transition\n",null,[],[],[],[14,16,18,20,22,24,26],{"_key":15},"CVE-2019-14870",{"_key":17},"CVE-2021-3671",{"_key":19},"CVE-2021-44758",{"_key":21},"CVE-2022-3437",{"_key":23},"CVE-2022-41916",{"_key":25},"CVE-2022-42898",{"_key":27},"CVE-2022-44640",[],[],[31,32,33,34,35,36,37],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},"2023-01-16T08:42:44Z","2026-02-04T03:44:03.250796Z",{"cisa_kev":41,"cisa_ransomware":41,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[43,50,55,59,63,67,71,75],{"url":44,"sources":45,"tags":48},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WO45C5LQHPOWEJHKWCXPWLI54XMTTYQP/",[46,47],"osv_suse","osv_opensuse",[49],"Advisory",{"url":51,"sources":52,"tags":53},"https://www.suse.com/security/cve/CVE-2019-14870",[46,47],[54],"WEB",{"url":56,"sources":57,"tags":58},"https://www.suse.com/security/cve/CVE-2021-3671",[46,47],[54],{"url":60,"sources":61,"tags":62},"https://www.suse.com/security/cve/CVE-2021-44758",[46,47],[54],{"url":64,"sources":65,"tags":66},"https://www.suse.com/security/cve/CVE-2022-3437",[46,47],[54],{"url":68,"sources":69,"tags":70},"https://www.suse.com/security/cve/CVE-2022-41916",[46,47],[54],{"url":72,"sources":73,"tags":74},"https://www.suse.com/security/cve/CVE-2022-42898",[46,47],[54],{"url":76,"sources":77,"tags":78},"https://www.suse.com/security/cve/CVE-2022-44640",[46,47],[54],[],[],[],[83,96],{"ecosystem":84,"name":85,"vendor":86,"product":87,"cpe_part":9,"purl_type":88,"purl_namespace":86,"purl_name":87,"source":9,"versions":89},"openSUSE","libheimdal","opensuse","libheimdal&distro=openSUSE Leap 15.4","rpm",[90],{"version":91,"is_range":92,"range_type":93,"version_start":9,"version_start_type":9,"version_end":94,"version_end_type":95,"fixed_in":9},"lt7_8_0_bp154_2_4_1",true,"ecosystem","7.8.0-bp154.2.4.1","excluding",{"ecosystem":97,"name":85,"vendor":98,"product":99,"cpe_part":9,"purl_type":88,"purl_namespace":98,"purl_name":99,"source":9,"versions":100},"SUSE Linux Enterprise","suse","libheimdal&distro=SUSE Package Hub 15 SP4",[101],{"version":91,"is_range":92,"range_type":93,"version_start":9,"version_start_type":9,"version_end":94,"version_end_type":95,"fixed_in":9}]