How severe is CVE-2021-28688?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2021-28688?

This is classified as CWE-665, which is a common weakness in software security.

CVE-2021-28688

MEDIUM Year: 2021

CVSS v3 Score

6.5

Medium

CVSS v2 Score

2.1

Low

Weakness Type

CWE-665

View all →

Vulnerability Description

The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.

CVE-2013-1675

MEDIUM

CVSS:6.5(Medium)

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPr...

CWE-6652013

CVE-2017-10972

MEDIUM

CVSS:6.5(Medium)

Uninitialized data in endianness conversion in the XEvent handling of the X.Org X Server before 2017-06-19 allowed authenticated malicious users to access potentially privileged data from the X server...

CWE-6652017

CVE-2017-3820

MEDIUM

CVSS:6.5(Medium)

A vulnerability in Simple Network Management Protocol (SNMP) functions of Cisco ASR 1000 Series Aggregation Services Routers running Cisco IOS XE Software Release 3.13.6S, 3.16.2S, or 3.17.1S could al...

CWE-6652017

CVE-2018-1174

MEDIUM

CVSS:6.5(Medium)

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that...

CWE-6652018

CVE-2018-1175

MEDIUM

CVSS:6.5(Medium)

CWE-6652018

CVE-2019-11747

MEDIUM

CVSS:6.5(Medium)

The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (...

CWE-6652019

CVE-2021-28688

Vulnerability Description

Related Vulnerabilities

CVE-2013-1675

CVE-2017-10972

CVE-2017-3820

CVE-2018-1174

CVE-2018-1175

CVE-2019-11747