CVE-2021-20179 - AskarLabs CVE Database

CVE-2021-20179

Vendor N/A

Product pki-core

Weakness CWE-863 · Incorrect authorization

Published March 15, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.

Key dates

02Disclosure timeline

March 15, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-20179

Related vulnerabilities

04Related CVE

CVE-2025-3446 Members Without Guest Invite Permissions Can Add Guests to Teams CVE-2025-67740 CVE-2026-40350 Movary User Management (/settings/users) has Authorization Bypass that Allows Low-Privileged Users to Enumerate All Users and Create Administrator Accounts CVE-2026-28709 CVE-2024-27933 Deno arbitrary file descriptor close via `op_node_ipc_pipe()` leading to permission prompt bypass