ID

VAR-202001-1866


CVE

CVE-2020-7595


TITLE

libxml2  Infinite loop vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-001451

DESCRIPTION

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. It exists that libxml2 incorrectly handled certain XML files. (CVE-2019-19956, CVE-2020-7595). Solution: Download the release images via: quay.io/redhat/quay:v3.3.3 quay.io/redhat/clair-jwt:v3.3.3 quay.io/redhat/quay-builder:v3.3.3 quay.io/redhat/clair:v3.3.3 4. Bugs fixed (https://bugzilla.redhat.com/): 1905758 - CVE-2020-27831 quay: email notifications authorization bypass 1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display 5. JIRA issues fixed (https://issues.jboss.org/): PROJQUAY-1124 - NVD feed is broken for latest Clair v2 version 6. Solution: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1790277 - CVE-2019-20372 nginx: HTTP request smuggling in configurations with URL redirect used as error_page 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution 1911314 - CVE-2020-35678 python-autobahn: allows redirect header injection 1928847 - CVE-2021-20253 ansible-tower: Privilege escalation via job isolation escape 5. Bug Fix(es): * Configuring the system with non-RT kernel will hang the system (BZ#1923220) 3. Bugs fixed (https://bugzilla.redhat.com/): 1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service 5. JIRA issues fixed (https://issues.jboss.org/): CNF-802 - Infrastructure-provided enablement/disablement of interrupt processing for guaranteed pod CPUs CNF-854 - Performance tests in CNF Tests 6. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. The compliance-operator image updates are now available for OpenShift Container Platform 4.6. This advisory provides the following updates among others: * Enhances profile parsing time. * Fixes excessive resource consumption from the Operator. * Fixes default content image. * Fixes outdated remediation handling. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918990 - ComplianceSuite scans use quay content image for initContainer 1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present 1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules 1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202010-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libxml2: Multiple vulnerabilities Date: October 20, 2020 Bugs: #710748 ID: 202010-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in libxml2, the worst of which could result in a Denial of Service condition. Background ========== libxml2 is the XML (eXtended Markup Language) C parser and toolkit initially developed for the Gnome project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/libxml2 < 2.9.10 >= 2.9.10 Description =========== Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All libxml2 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.10" References ========== [ 1 ] CVE-2019-20388 https://nvd.nist.gov/vuln/detail/CVE-2019-20388 [ 2 ] CVE-2020-7595 https://nvd.nist.gov/vuln/detail/CVE-2020-7595 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202010-04 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Description: Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 5. Description: Red Hat OpenShift Do (odo) is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based and requires no server within the OpenShift cluster for deployment. It detects changes to local code and deploys it to the cluster automatically, giving instant feedback to validate changes in real-time. It supports multiple programming languages and frameworks. Solution: Download and install a new CLI binary by following the instructions linked from the References section. Bugs fixed (https://bugzilla.redhat.com/): 1832983 - Release of 1.1.3 odo-init-image 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: libxml2 security and bug fix update Advisory ID: RHSA-2020:3996-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3996 Issue date: 2020-09-29 CVE Names: CVE-2019-19956 CVE-2019-20388 CVE-2020-7595 ==================================================================== 1. Summary: An update for libxml2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c (CVE-2019-19956) * libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388) * libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The desktop must be restarted (log out, then log back in) for this update to take effect. 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libxml2-2.9.1-6.el7.5.src.rpm x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libxml2-2.9.1-6.el7.5.src.rpm x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-6.el7.5.src.rpm ppc64: libxml2-2.9.1-6.el7.5.ppc.rpm libxml2-2.9.1-6.el7.5.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64.rpm libxml2-devel-2.9.1-6.el7.5.ppc.rpm libxml2-devel-2.9.1-6.el7.5.ppc64.rpm libxml2-python-2.9.1-6.el7.5.ppc64.rpm ppc64le: libxml2-2.9.1-6.el7.5.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64le.rpm libxml2-devel-2.9.1-6.el7.5.ppc64le.rpm libxml2-python-2.9.1-6.el7.5.ppc64le.rpm s390x: libxml2-2.9.1-6.el7.5.s390.rpm libxml2-2.9.1-6.el7.5.s390x.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390x.rpm libxml2-devel-2.9.1-6.el7.5.s390.rpm libxml2-devel-2.9.1-6.el7.5.s390x.rpm libxml2-python-2.9.1-6.el7.5.s390x.rpm x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libxml2-debuginfo-2.9.1-6.el7.5.ppc.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64.rpm libxml2-static-2.9.1-6.el7.5.ppc.rpm libxml2-static-2.9.1-6.el7.5.ppc64.rpm ppc64le: libxml2-debuginfo-2.9.1-6.el7.5.ppc64le.rpm libxml2-static-2.9.1-6.el7.5.ppc64le.rpm s390x: libxml2-debuginfo-2.9.1-6.el7.5.s390.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390x.rpm libxml2-static-2.9.1-6.el7.5.s390.rpm libxml2-static-2.9.1-6.el7.5.s390x.rpm x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libxml2-2.9.1-6.el7.5.src.rpm x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-19956 https://access.redhat.com/security/cve/CVE-2019-20388 https://access.redhat.com/security/cve/CVE-2020-7595 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX3OgG9zjgjWX9erEAQg9vhAAiDkPkj6VlpMKDvgVUY4eU83p4bCnZqos e9kVjDMJrHdYR5iXXc665LOYBG0yyDGdvVLeqxjI9S11UDypRyzy641kwBY6eCru 0yaA88aZ4YpQyIARmmK7cIMFe6JRWHOkEsOfMCtjpbkGLteXdzfUFgJnlRFB0Dai OVrZH3kGb5EbKvJGcWY7cqv5jQhpy802a4EhpHQ1q6vFAbO7D1T6vJlCyP0+ba5N ZoMyrCFWaX5TUjiwFkuyAiSZYyPyxo0+dhqgJaSU44BH4p5imV7c1oh10U7/7k+O Y30M2uLOuArD1ad0t2d23EVr8mRKUr+agoLWC8Pwuq2worTArE/395GKXv2Yvtv9 YCvvCNFIcnG5GaJloqhXkTZM2pCr0+n90WLrNZ0suPArycHU74ROfBNErWegvq2e gpFLyu3S1mpjcBG19Gjg1qgh7FKg57s7PbNzcETK5ParBQeZ4dHHpcr9voP52tYD SJ9ILV9unM5jya5Uwooa6GOFGistLQLntZd22zDcPahu0FxvQlyZFV4oInF0m/7h e/h8NgSwyJKNenZATlsOGmjdcMh95Unztu4bfK8S20/Ej8F/B2PE4Kxha2s0bxsC b9fFKBOIdTCeFi2lTyrctEGQl9ksrW/Va6+uQwe5lKQldwhB3of9QolUu7ud+gdx COt/fBH012Y=udpL -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.61

sources: NVD: CVE-2020-7595 // JVNDB: JVNDB-2020-001451 // VULHUB: VHN-185720 // VULMON: CVE-2020-7595 // PACKETSTORM: 160889 // PACKETSTORM: 161727 // PACKETSTORM: 161548 // PACKETSTORM: 161429 // PACKETSTORM: 159639 // PACKETSTORM: 162130 // PACKETSTORM: 161916 // PACKETSTORM: 159349 // PACKETSTORM: 159552

AFFECTED PRODUCTS

vendor:xmlsoftmodel:libxml2scope:eqversion:2.9.10

Trust: 1.8

vendor:oraclemodel:enterprise manager base platformscope:eqversion:13.5.0.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:32

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:19.10

Trust: 1.0

vendor:oraclemodel:real user experience insightscope:eqversion:13.3.1.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:30

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:oraclemodel:mysql workbenchscope:lteversion:8.0.26

Trust: 1.0

vendor:oraclemodel:real user experience insightscope:eqversion:13.5.1.0

Trust: 1.0

vendor:oraclemodel:enterprise manager base platformscope:eqversion:13.4.0.0

Trust: 1.0

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.58

Trust: 1.0

vendor:netappmodel:h300sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h500sscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.04

Trust: 1.0

vendor:oraclemodel:real user experience insightscope:eqversion:13.4.1.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:netappmodel:h700escope:eqversion: -

Trust: 1.0

vendor:netappmodel:h500escope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.4.0.0

Trust: 1.0

vendor:netappmodel:h300escope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:netappmodel:smi-s providerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:snapdrivescope:eqversion: -

Trust: 1.0

vendor:siemensmodel:sinema remote connect serverscope:ltversion:3.0

Trust: 1.0

vendor:netappmodel:h410sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:clustered data ontapscope:eqversion: -

Trust: 1.0

vendor:netappmodel:symantec netbackupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h410cscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:communications cloud native core network function cloud native environmentscope:eqversion:1.10.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:31

Trust: 1.0

vendor:netappmodel:h700sscope:eqversion: -

Trust: 1.0

vendor:xmlsoftmodel:libxml2scope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-001451 // NVD: CVE-2020-7595

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-7595
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2020-7595
value: HIGH

Trust: 1.0

NVD: CVE-2020-7595
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202001-965
value: HIGH

Trust: 0.6

VULHUB: VHN-185720
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-7595
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-7595
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-185720
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-7595
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

NVD: CVE-2020-7595
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-185720 // VULMON: CVE-2020-7595 // CNNVD: CNNVD-202001-965 // JVNDB: JVNDB-2020-001451 // NVD: CVE-2020-7595 // NVD: CVE-2020-7595

PROBLEMTYPE DATA

problemtype:CWE-835

Trust: 1.1

problemtype:infinite loop (CWE-835) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-185720 // JVNDB: JVNDB-2020-001451 // NVD: CVE-2020-7595

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202001-965

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202001-965

PATCH

title:0e1a49c8url:https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076

Trust: 0.8

title:libxml2 Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=109237

Trust: 0.6

title:Debian CVElist Bug Report Logs: libxml2: CVE-2020-7595url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=8128495aba3a49b2f3e0b9ee0e8401af

Trust: 0.1

title:Ubuntu Security Notice: libxml2 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4274-1

Trust: 0.1

title:Red Hat: Moderate: libxml2 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204479 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: libxml2 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203996 - Security Advisory

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-7595 log

Trust: 0.1

title:Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202646 - Security Advisory

Trust: 0.1

title:Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20202644 - Security Advisory

Trust: 0.1

title:Amazon Linux AMI: ALAS-2020-1438url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1438

Trust: 0.1

title:Arch Linux Advisories: [ASA-202011-15] libxml2: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202011-15

Trust: 0.1

title:Amazon Linux 2: ALAS2-2020-1534url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2020-1534

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=0d160980ab72db34060d62c89304b6f2

Trust: 0.1

title:Red Hat: Moderate: Release of OpenShift Serverless 1.11.0url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20205149 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: security update - Red Hat Ansible Tower 3.6 runner release (CVE-2019-18874)url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204255 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204254 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Release of OpenShift Serverless 1.12.0url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210146 - Security Advisory

Trust: 0.1

title:Red Hat: Low: OpenShift Container Platform 4.3.40 security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204264 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210190 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210436 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat Quay v3.3.3 bug fix and security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20210050 - Security Advisory

Trust: 0.1

title:IBM: Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=3201548b0e11fd3ecd83fd36fc045a8e

Trust: 0.1

title:Red Hat: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20205605 - Security Advisory

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title: - url:https://github.com/vincent-deng/veracode-container-security-finding-parser

Trust: 0.1

sources: VULMON: CVE-2020-7595 // CNNVD: CNNVD-202001-965 // JVNDB: JVNDB-2020-001451

EXTERNAL IDS

db:NVDid:CVE-2020-7595

Trust: 3.5

db:SIEMENSid:SSA-292794

Trust: 1.8

db:ICS CERTid:ICSA-21-103-08

Trust: 1.8

db:PACKETSTORMid:159349

Trust: 0.8

db:PACKETSTORMid:161916

Trust: 0.8

db:PACKETSTORMid:159639

Trust: 0.8

db:JVNid:JVNVU96269392

Trust: 0.8

db:JVNDBid:JVNDB-2020-001451

Trust: 0.8

db:PACKETSTORMid:159851

Trust: 0.7

db:PACKETSTORMid:162694

Trust: 0.7

db:CNNVDid:CNNVD-202001-965

Trust: 0.7

db:AUSCERTid:ESB-2021.0584

Trust: 0.6

db:AUSCERTid:ESB-2023.3732

Trust: 0.6

db:AUSCERTid:ESB-2021.1207

Trust: 0.6

db:AUSCERTid:ESB-2020.3535

Trust: 0.6

db:AUSCERTid:ESB-2021.2604

Trust: 0.6

db:AUSCERTid:ESB-2021.1744

Trust: 0.6

db:AUSCERTid:ESB-2020.0902

Trust: 0.6

db:AUSCERTid:ESB-2020.4513

Trust: 0.6

db:AUSCERTid:ESB-2021.1242

Trust: 0.6

db:AUSCERTid:ESB-2021.1727

Trust: 0.6

db:AUSCERTid:ESB-2020.3364

Trust: 0.6

db:AUSCERTid:ESB-2020.1564

Trust: 0.6

db:AUSCERTid:ESB-2020.2162

Trust: 0.6

db:AUSCERTid:ESB-2020.1826

Trust: 0.6

db:AUSCERTid:ESB-2021.0234

Trust: 0.6

db:AUSCERTid:ESB-2020.3631

Trust: 0.6

db:AUSCERTid:ESB-2021.0864

Trust: 0.6

db:AUSCERTid:ESB-2020.0471

Trust: 0.6

db:AUSCERTid:ESB-2021.0845

Trust: 0.6

db:AUSCERTid:ESB-2020.3868

Trust: 0.6

db:AUSCERTid:ESB-2021.0986

Trust: 0.6

db:AUSCERTid:ESB-2022.3550

Trust: 0.6

db:AUSCERTid:ESB-2021.0691

Trust: 0.6

db:AUSCERTid:ESB-2020.3248

Trust: 0.6

db:AUSCERTid:ESB-2020.4100

Trust: 0.6

db:AUSCERTid:ESB-2020.3102

Trust: 0.6

db:AUSCERTid:ESB-2021.0319

Trust: 0.6

db:AUSCERTid:ESB-2021.1193

Trust: 0.6

db:AUSCERTid:ESB-2021.0171

Trust: 0.6

db:AUSCERTid:ESB-2021.3072

Trust: 0.6

db:AUSCERTid:ESB-2021.0099

Trust: 0.6

db:AUSCERTid:ESB-2020.1638

Trust: 0.6

db:AUSCERTid:ESB-2021.4058

Trust: 0.6

db:PACKETSTORMid:158168

Trust: 0.6

db:CS-HELPid:SB2021041514

Trust: 0.6

db:CS-HELPid:SB2021091331

Trust: 0.6

db:CS-HELPid:SB2021052216

Trust: 0.6

db:CS-HELPid:SB2022072097

Trust: 0.6

db:CS-HELPid:SB2021111735

Trust: 0.6

db:CNVDid:CNVD-2020-04827

Trust: 0.1

db:VULHUBid:VHN-185720

Trust: 0.1

db:VULMONid:CVE-2020-7595

Trust: 0.1

db:PACKETSTORMid:160889

Trust: 0.1

db:PACKETSTORMid:161727

Trust: 0.1

db:PACKETSTORMid:161548

Trust: 0.1

db:PACKETSTORMid:161429

Trust: 0.1

db:PACKETSTORMid:162130

Trust: 0.1

db:PACKETSTORMid:159552

Trust: 0.1

sources: VULHUB: VHN-185720 // VULMON: CVE-2020-7595 // PACKETSTORM: 160889 // PACKETSTORM: 161727 // PACKETSTORM: 161548 // PACKETSTORM: 161429 // PACKETSTORM: 159639 // PACKETSTORM: 162130 // PACKETSTORM: 161916 // PACKETSTORM: 159349 // PACKETSTORM: 159552 // CNNVD: CNNVD-202001-965 // JVNDB: JVNDB-2020-001451 // NVD: CVE-2020-7595

REFERENCES

url:https://usn.ubuntu.com/4274-1/

Trust: 2.5

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08

Trust: 2.4

url:https://www.oracle.com/security-alerts/cpujul2020.html

Trust: 2.4

url:https://security.gentoo.org/glsa/202010-04

Trust: 1.9

url:https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf

Trust: 1.8

url:https://security.netapp.com/advisory/ntap-20200702-0005/

Trust: 1.8

url:https://gitlab.gnome.org/gnome/libxml2/commit/0e1a49c89076

Trust: 1.8

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 1.8

url:https://www.oracle.com/security-alerts/cpujul2022.html

Trust: 1.8

url:https://www.oracle.com/security-alerts/cpuoct2021.html

Trust: 1.8

url:https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-7595

Trust: 1.7

url:https://access.redhat.com/security/cve/cve-2020-7595

Trust: 1.4

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545spoi3zppnpx4tfrive4jvrtjrkull/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5r55zr52rmbx24tqtwhciwkjvrv6yawi/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jdpf3aavkuakdyfmfksiqsvvs3eefpqh/

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20388

Trust: 0.9

url:https://access.redhat.com/security/cve/cve-2019-20388

Trust: 0.8

url:https://bugzilla.redhat.com/):

Trust: 0.8

url:https://access.redhat.com/security/team/contact/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-19956

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2019-19956

Trust: 0.8

url:https://jvn.jp/vu/jvnvu96269392/index.html

Trust: 0.8

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5r55zr52rmbx24tqtwhciwkjvrv6yawi/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545spoi3zppnpx4tfrive4jvrtjrkull/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jdpf3aavkuakdyfmfksiqsvvs3eefpqh/

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2019-15903

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2018-20843

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2018-20843

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2019-20907

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-1971

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-20907

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6455281

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3535/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0902/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3248/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021052216

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.2162/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1727

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1207

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-libxml2-vulnerabilities-cve-2019-19956-cve-2019-20388-cve-2020-7595/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-4/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0171/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3072

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerabilities-in-libxml2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4100/

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6520474

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0845

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0691

Trust: 0.6

url:https://packetstormsecurity.com/files/162694/red-hat-security-advisory-2021-2021-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0099/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4058

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1638/

Trust: 0.6

url:https://vigilance.fr/vulnerability/libxml2-infinite-loop-via-xmlstringlendecodeentities-31396

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3868/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1744

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022072097

Trust: 0.6

url:https://packetstormsecurity.com/files/158168/red-hat-security-advisory-2020-2646-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021111735

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0319/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0471/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4513/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-network-security-is-affected-by-multiple-vulnerabilities-2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0234/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0584

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-6/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1193

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1564/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-flex-system-chassis-management-module-cmm-is-affected-by-vulnerabilities-in-libxml2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0864

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.3732

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0986

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-bootable-media-creator-bomc-is-affected-by-vulnerabilities-in-libxml2/

Trust: 0.6

url:https://packetstormsecurity.com/files/159349/red-hat-security-advisory-2020-3996-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-6/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021091331

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2604

Trust: 0.6

url:https://packetstormsecurity.com/files/159851/red-hat-security-advisory-2020-4479-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1242

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041514

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1826/

Trust: 0.6

url:https://packetstormsecurity.com/files/159639/gentoo-linux-security-advisory-202010-04.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3102/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3550

Trust: 0.6

url:https://packetstormsecurity.com/files/161916/red-hat-security-advisory-2021-0949-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-products-are-affected-by-vulnerabilities-in-libxml2/

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-5/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3631/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3364/

Trust: 0.6

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-16935

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-16935

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-17006

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-12749

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12401

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.4

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-17006

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-11719

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-17023

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-17023

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-12749

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-6829

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-8177

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12403

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-12400

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-11756

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-11756

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12243

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12400

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-11727

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-12243

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-11719

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-11727

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-17498

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-17498

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-12402

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-13050

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20218

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-15165

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14382

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20454

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19221

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1751

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-19906

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-5018

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-16168

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24659

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-9327

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20916

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5018

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14422

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-14889

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1730

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19906

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20387

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20387

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-13627

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20916

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-1752

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-19221

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-15165

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-8492

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20454

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-13627

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-6405

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-13050

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-14889

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-16168

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13632

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20218

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-10029

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13630

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13631

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-12402

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-1971

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-12401

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-12403

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-5188

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-5094

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5188

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5094

Trust: 0.3

url:https://issues.jboss.org/):

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9925

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9802

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9895

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8625

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8812

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3899

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8819

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3867

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8720

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9893

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8808

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3902

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3900

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8743

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9805

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8820

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9807

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8769

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8710

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8813

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9850

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8710

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8811

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9803

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9862

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3885

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-15503

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20807

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-10018

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8835

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8764

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8844

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3865

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3864

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-14391

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3862

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3901

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8823

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3895

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-11793

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8720

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9894

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8816

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9843

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8771

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3897

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9806

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8814

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8743

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-9915

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8815

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8625

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8783

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20807

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8766

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3868

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8846

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-3894

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-8782

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-12723

Trust: 0.2

url:https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-12723

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-25211

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-20386

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-20386

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-19126

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19126

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/835.html

Trust: 0.1

url:https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0050

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8771

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27831

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8769

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27832

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8764

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8766

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11023

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-20372

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10878

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20228

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20253

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11023

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0778

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11022

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20191

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20180

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-5766

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10878

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20178

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-5766

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-20372

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11022

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-35678

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10726

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17450

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10723

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10725

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10723

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10725

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10722

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10722

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13631

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10029

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13630

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17450

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10726

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27813

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:5364

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:5633

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11068

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18197

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-1551

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-1551

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.6/updating/updating-cluster

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28362

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0436

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11068

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1129

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25645

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25656

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28374

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25705

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management/2.10/html-single/installing_3scale/index

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29661

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20265

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-0427

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14351

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19532

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-7053

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14040

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9283

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-0427

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19532

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:0949

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-8177

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.4/cli_reference/openshift_developer_cli/installing-odo.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-6829

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:3996

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2017-12652

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-1240

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-18874

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12450

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17546

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14973

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-17546

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4254

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14822

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-12652

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14822

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18874

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14365

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5482

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14973

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5482

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-5313

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-12450

Trust: 0.1

sources: VULHUB: VHN-185720 // VULMON: CVE-2020-7595 // PACKETSTORM: 160889 // PACKETSTORM: 161727 // PACKETSTORM: 161548 // PACKETSTORM: 161429 // PACKETSTORM: 159639 // PACKETSTORM: 162130 // PACKETSTORM: 161916 // PACKETSTORM: 159349 // PACKETSTORM: 159552 // CNNVD: CNNVD-202001-965 // JVNDB: JVNDB-2020-001451 // NVD: CVE-2020-7595

CREDITS

Red Hat

Trust: 1.4

sources: PACKETSTORM: 160889 // PACKETSTORM: 161727 // PACKETSTORM: 161548 // PACKETSTORM: 161429 // PACKETSTORM: 162130 // PACKETSTORM: 161916 // PACKETSTORM: 159349 // PACKETSTORM: 159552 // CNNVD: CNNVD-202001-965

SOURCES

db:VULHUBid:VHN-185720
db:VULMONid:CVE-2020-7595
db:PACKETSTORMid:160889
db:PACKETSTORMid:161727
db:PACKETSTORMid:161548
db:PACKETSTORMid:161429
db:PACKETSTORMid:159639
db:PACKETSTORMid:162130
db:PACKETSTORMid:161916
db:PACKETSTORMid:159349
db:PACKETSTORMid:159552
db:CNNVDid:CNNVD-202001-965
db:JVNDBid:JVNDB-2020-001451
db:NVDid:CVE-2020-7595

LAST UPDATE DATE

2026-06-30T22:15:55.208000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-185720date:2022-07-25T00:00:00
db:VULMONid:CVE-2020-7595date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202001-965date:2023-06-30T00:00:00
db:JVNDBid:JVNDB-2020-001451date:2021-06-16T04:57:00
db:NVDid:CVE-2020-7595date:2026-06-17T03:25:05.280

SOURCES RELEASE DATE

db:VULHUBid:VHN-185720date:2020-01-21T00:00:00
db:VULMONid:CVE-2020-7595date:2020-01-21T00:00:00
db:PACKETSTORMid:160889date:2021-01-11T16:29:48
db:PACKETSTORMid:161727date:2021-03-09T16:25:11
db:PACKETSTORMid:161548date:2021-02-25T15:30:03
db:PACKETSTORMid:161429date:2021-02-16T15:44:48
db:PACKETSTORMid:159639date:2020-10-20T20:13:39
db:PACKETSTORMid:162130date:2021-04-08T14:00:00
db:PACKETSTORMid:161916date:2021-03-22T15:36:55
db:PACKETSTORMid:159349date:2020-09-30T15:43:22
db:PACKETSTORMid:159552date:2020-10-14T16:52:12
db:CNNVDid:CNNVD-202001-965date:2020-01-21T00:00:00
db:JVNDBid:JVNDB-2020-001451date:2020-02-07T00:00:00
db:NVDid:CVE-2020-7595date:2020-01-21T23:15:13.867