CVE-2021-20179
Publication date 15 March 2021
Last updated 14 April 2026
Ubuntu priority
Description
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| dogtag-pki | 25.10 questing | Not in release |
| 24.04 LTS noble | Not in release | |
| 22.04 LTS jammy |
Fixed 10.10.2-2
|
|
| 20.04 LTS focal |
Fixed 10.8.3-1ubuntu1+esm1
|
|
| 18.04 LTS bionic |
Fixed 10.6.0-1ubuntu2+esm1
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release |
Get expanded security coverage with Ubuntu Pro
Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.
Get Ubuntu Pro 30-day free trialPatch details
| Package | Patch details |
|---|---|
| dogtag-pki |
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
8.1 · High
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | None |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-8158-1
- Dogtag PKI vulnerability
- 8 April 2026