Heimdal · Heimdal · CVE-2021-44758
**Name of the Vulnerable Software and Affected Versions**
Heimdal versions prior to 7.7.1
**Description**
The issue allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor. This can be achieved via a `preferred mech type` of `GSS C NO OID` and a nonzero `initial response` value to `send accept`.
**Recommendations**
For Heimdal versions prior to 7.7.1, update to version 7.7.1 or later to resolve the issue.