Details of VAR-202005-0397

ID

VAR-202005-0397

CVE

CVE-2020-12762

TITLE

json-c Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-005140

DESCRIPTION

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. (DoS) It may be in a state. Summary: The Migration Toolkit for Containers (MTC) 1.6.3 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Solution: For details on how to install and use MTC, refer to: https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2019088 - "MigrationController" CR displays syntax error when unquiescing applications 2021666 - Route name longer than 63 characters causes direct volume migration to fail 2021668 - "MigrationController" CR ignores the "cluster_subdomain" value for direct volume migration routes 2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC) 2024966 - Manifests not used by Operator Lifecycle Manager must be removed from the MTC 1.6 Operator image 2027196 - "migration-controller" pod goes into "CrashLoopBackoff" state if an invalid registry route is entered on the "Clusters" page of the web console 2027382 - "Copy oc describe/oc logs" window does not close automatically after timeout 2028841 - "rsync-client" container fails during direct volume migration with "Address family not supported by protocol" error 2031793 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "includedResources" resource 2039852 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "destMigClusterRef" or "srcMigClusterRef" 5. Solution: OSP 16.2.z Release - OSP Director Operator Containers 4. Bugs fixed (https://bugzilla.redhat.com/): 2025995 - Rebase tech preview on latest upstream v1.2.x branch 2030801 - CVE-2021-44716 golang: net/http: limit growth of header canonicalization cache 2036784 - osp controller (fencing enabled) in downed state after system manual crash test 5. The following data is constructed from data provided by Red Hat's json file at: https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6976.json Red Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness. It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment. Description: The libfastjson library provides essential JavaScript Object Notation (JSON) handling functions. The library enables users to construct JSON objects in C, output them as JSON-formatted strings, and convert JSON-formatted strings back to the C representation of JSON objects. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202006-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: json-c: Multiple vulnerabilities Date: June 15, 2020 Bugs: #722150 ID: 202006-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in json-c, the worst of which could result in a Denial of Service condition. Background ========= json-c is a JSON implementation in C. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/json-c < 0.14-r3 >= 0.14-r3 Description ========== Multiple vulnerabilities have been discovered in json-c. Please review the CVE identifiers referenced below for details. Impact ===== A remote/local attacker could send a specially crafted file possibly resulting in a Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All json-c users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">\xdev-libs/json-c-0.14-r3" References ========= [ 1 ] CVE-2020-12762 https://nvd.nist.gov/vuln/detail/CVE-2020-12762 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202006-13 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Description: Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Bugs fixed (https://bugzilla.redhat.com/): 2050826 - CVE-2022-24348 gitops: Path traversal and dereference of symlinks when passing Helm value files 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Openshift Logging 5.3.0 bug fix and security update Advisory ID: RHSA-2021:4627-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2021:4627 Issue date: 2021-11-15 CVE Names: CVE-2018-20673 CVE-2018-25009 CVE-2018-25010 CVE-2018-25012 CVE-2018-25013 CVE-2018-25014 CVE-2019-5827 CVE-2019-13750 CVE-2019-13751 CVE-2019-14615 CVE-2019-17594 CVE-2019-17595 CVE-2019-18218 CVE-2019-19603 CVE-2019-20838 CVE-2020-0427 CVE-2020-10001 CVE-2020-12762 CVE-2020-13435 CVE-2020-14145 CVE-2020-14155 CVE-2020-16135 CVE-2020-17541 CVE-2020-24370 CVE-2020-24502 CVE-2020-24503 CVE-2020-24504 CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26139 CVE-2020-26140 CVE-2020-26141 CVE-2020-26143 CVE-2020-26144 CVE-2020-26145 CVE-2020-26146 CVE-2020-26147 CVE-2020-27777 CVE-2020-29368 CVE-2020-29660 CVE-2020-35448 CVE-2020-35521 CVE-2020-35522 CVE-2020-35523 CVE-2020-35524 CVE-2020-36158 CVE-2020-36312 CVE-2020-36330 CVE-2020-36331 CVE-2020-36332 CVE-2020-36386 CVE-2021-0129 CVE-2021-3200 CVE-2021-3348 CVE-2021-3426 CVE-2021-3445 CVE-2021-3481 CVE-2021-3487 CVE-2021-3489 CVE-2021-3564 CVE-2021-3572 CVE-2021-3573 CVE-2021-3580 CVE-2021-3600 CVE-2021-3635 CVE-2021-3659 CVE-2021-3679 CVE-2021-3732 CVE-2021-3778 CVE-2021-3796 CVE-2021-3800 CVE-2021-20194 CVE-2021-20197 CVE-2021-20231 CVE-2021-20232 CVE-2021-20239 CVE-2021-20266 CVE-2021-20284 CVE-2021-22876 CVE-2021-22898 CVE-2021-22925 CVE-2021-23133 CVE-2021-23840 CVE-2021-23841 CVE-2021-27645 CVE-2021-28153 CVE-2021-28950 CVE-2021-28971 CVE-2021-29155 CVE-2021-29646 CVE-2021-29650 CVE-2021-31440 CVE-2021-31535 CVE-2021-31829 CVE-2021-31916 CVE-2021-33033 CVE-2021-33194 CVE-2021-33200 CVE-2021-33560 CVE-2021-33574 CVE-2021-35942 CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 CVE-2021-42574 ===================================================================== 1. Summary: An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Openshift Logging Bug Fix Release (5.3.0) Security Fix(es): * golang: x/net/html: infinite loop in ParseFragment (CVE-2021-33194) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update: https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html For Red Hat OpenShift Logging 5.3, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1168 - Disable hostname verification in syslog TLS settings LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd LOG-1375 - ssl_ca_cert should be optional LOG-1378 - CLO should support sasl_plaintext(Password over http) LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate LOG-1494 - Syslog output is serializing json incorrectly LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing LOG-1735 - Regression introducing flush_at_shutdown LOG-1774 - The collector logs should be excluded in fluent.conf LOG-1776 - fluentd total_limit_size sets value beyond available space LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL LOG-1903 - Fix the Display of ClusterLogging type in OLM LOG-1911 - CLF API changes to Opt-in to multiline error detection LOG-1918 - Alert `FluentdNodeDown` always firing LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding 6. References: https://access.redhat.com/security/cve/CVE-2018-20673 https://access.redhat.com/security/cve/CVE-2018-25009 https://access.redhat.com/security/cve/CVE-2018-25010 https://access.redhat.com/security/cve/CVE-2018-25012 https://access.redhat.com/security/cve/CVE-2018-25013 https://access.redhat.com/security/cve/CVE-2018-25014 https://access.redhat.com/security/cve/CVE-2019-5827 https://access.redhat.com/security/cve/CVE-2019-13750 https://access.redhat.com/security/cve/CVE-2019-13751 https://access.redhat.com/security/cve/CVE-2019-14615 https://access.redhat.com/security/cve/CVE-2019-17594 https://access.redhat.com/security/cve/CVE-2019-17595 https://access.redhat.com/security/cve/CVE-2019-18218 https://access.redhat.com/security/cve/CVE-2019-19603 https://access.redhat.com/security/cve/CVE-2019-20838 https://access.redhat.com/security/cve/CVE-2020-0427 https://access.redhat.com/security/cve/CVE-2020-10001 https://access.redhat.com/security/cve/CVE-2020-12762 https://access.redhat.com/security/cve/CVE-2020-13435 https://access.redhat.com/security/cve/CVE-2020-14145 https://access.redhat.com/security/cve/CVE-2020-14155 https://access.redhat.com/security/cve/CVE-2020-16135 https://access.redhat.com/security/cve/CVE-2020-17541 https://access.redhat.com/security/cve/CVE-2020-24370 https://access.redhat.com/security/cve/CVE-2020-24502 https://access.redhat.com/security/cve/CVE-2020-24503 https://access.redhat.com/security/cve/CVE-2020-24504 https://access.redhat.com/security/cve/CVE-2020-24586 https://access.redhat.com/security/cve/CVE-2020-24587 https://access.redhat.com/security/cve/CVE-2020-24588 https://access.redhat.com/security/cve/CVE-2020-26139 https://access.redhat.com/security/cve/CVE-2020-26140 https://access.redhat.com/security/cve/CVE-2020-26141 https://access.redhat.com/security/cve/CVE-2020-26143 https://access.redhat.com/security/cve/CVE-2020-26144 https://access.redhat.com/security/cve/CVE-2020-26145 https://access.redhat.com/security/cve/CVE-2020-26146 https://access.redhat.com/security/cve/CVE-2020-26147 https://access.redhat.com/security/cve/CVE-2020-27777 https://access.redhat.com/security/cve/CVE-2020-29368 https://access.redhat.com/security/cve/CVE-2020-29660 https://access.redhat.com/security/cve/CVE-2020-35448 https://access.redhat.com/security/cve/CVE-2020-35521 https://access.redhat.com/security/cve/CVE-2020-35522 https://access.redhat.com/security/cve/CVE-2020-35523 https://access.redhat.com/security/cve/CVE-2020-35524 https://access.redhat.com/security/cve/CVE-2020-36158 https://access.redhat.com/security/cve/CVE-2020-36312 https://access.redhat.com/security/cve/CVE-2020-36330 https://access.redhat.com/security/cve/CVE-2020-36331 https://access.redhat.com/security/cve/CVE-2020-36332 https://access.redhat.com/security/cve/CVE-2020-36386 https://access.redhat.com/security/cve/CVE-2021-0129 https://access.redhat.com/security/cve/CVE-2021-3200 https://access.redhat.com/security/cve/CVE-2021-3348 https://access.redhat.com/security/cve/CVE-2021-3426 https://access.redhat.com/security/cve/CVE-2021-3445 https://access.redhat.com/security/cve/CVE-2021-3481 https://access.redhat.com/security/cve/CVE-2021-3487 https://access.redhat.com/security/cve/CVE-2021-3489 https://access.redhat.com/security/cve/CVE-2021-3564 https://access.redhat.com/security/cve/CVE-2021-3572 https://access.redhat.com/security/cve/CVE-2021-3573 https://access.redhat.com/security/cve/CVE-2021-3580 https://access.redhat.com/security/cve/CVE-2021-3600 https://access.redhat.com/security/cve/CVE-2021-3635 https://access.redhat.com/security/cve/CVE-2021-3659 https://access.redhat.com/security/cve/CVE-2021-3679 https://access.redhat.com/security/cve/CVE-2021-3732 https://access.redhat.com/security/cve/CVE-2021-3778 https://access.redhat.com/security/cve/CVE-2021-3796 https://access.redhat.com/security/cve/CVE-2021-3800 https://access.redhat.com/security/cve/CVE-2021-20194 https://access.redhat.com/security/cve/CVE-2021-20197 https://access.redhat.com/security/cve/CVE-2021-20231 https://access.redhat.com/security/cve/CVE-2021-20232 https://access.redhat.com/security/cve/CVE-2021-20239 https://access.redhat.com/security/cve/CVE-2021-20266 https://access.redhat.com/security/cve/CVE-2021-20284 https://access.redhat.com/security/cve/CVE-2021-22876 https://access.redhat.com/security/cve/CVE-2021-22898 https://access.redhat.com/security/cve/CVE-2021-22925 https://access.redhat.com/security/cve/CVE-2021-23133 https://access.redhat.com/security/cve/CVE-2021-23840 https://access.redhat.com/security/cve/CVE-2021-23841 https://access.redhat.com/security/cve/CVE-2021-27645 https://access.redhat.com/security/cve/CVE-2021-28153 https://access.redhat.com/security/cve/CVE-2021-28950 https://access.redhat.com/security/cve/CVE-2021-28971 https://access.redhat.com/security/cve/CVE-2021-29155 https://access.redhat.com/security/cve/CVE-2021-29646 https://access.redhat.com/security/cve/CVE-2021-29650 https://access.redhat.com/security/cve/CVE-2021-31440 https://access.redhat.com/security/cve/CVE-2021-31535 https://access.redhat.com/security/cve/CVE-2021-31829 https://access.redhat.com/security/cve/CVE-2021-31916 https://access.redhat.com/security/cve/CVE-2021-33033 https://access.redhat.com/security/cve/CVE-2021-33194 https://access.redhat.com/security/cve/CVE-2021-33200 https://access.redhat.com/security/cve/CVE-2021-33560 https://access.redhat.com/security/cve/CVE-2021-33574 https://access.redhat.com/security/cve/CVE-2021-35942 https://access.redhat.com/security/cve/CVE-2021-36084 https://access.redhat.com/security/cve/CVE-2021-36085 https://access.redhat.com/security/cve/CVE-2021-36086 https://access.redhat.com/security/cve/CVE-2021-36087 https://access.redhat.com/security/cve/CVE-2021-42574 https://access.redhat.com/security/updates/classification/#moderate 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYZJxoNzjgjWX9erEAQji2Q//bv8hVZq0D8Dz0Do5vdoPzpjDhM6wJr7U 3CqAqcxniXvHVbBiPHPsY3p3M62FSO5lg4oZnVfokEtrZmLe9ULZWLlNxVilAUCT 0urKKWCAIXF+QJcW9/KCuIfaMh8Mmvh2baq52azauCHCJ3UK9ontiGWqyUz/aq9F TM4P/eehnUU1WXAz9x4ycHP7fHZBuADkI8WOUZ5M/QpcoEvo7rLFdyat5MpMkeJx j7gGieb2ITvblxEML3LRdPljQxe56w7p2jC/EoXJnssjABozlWB936Ub/QSulGuz +HQS+RnAGxRRpNcs1wNQzpIkCFJN2S0jlEj5VLB8xLbZTYtILWhIx4rlwaFy6NJn /z7hpEfSAgmhPTejshI/2Gfu/sc+KStEJk2IasWO1wqQWRqYGVeLwgHxBt2wpX+I XJUjhkAdhAWyDfEhPXzpbN4dhmDk0QiGfL3KWZ8nO54IFQgZHT1P1YArnI1hMWC7 JhTyj1DtFOKJl8X28wf6RNui+ifD12hmIAuQRuJTPjZbTnywwpMy+Sq9mrfeHztb gPt2AqOPF5ksNB6OsjVKlMScLlLJzzlkBVgmurXaly0z2qLjy0Rl70oWeMOW4xUD 4Ravk3PLEMqSIHv0ECr4ku5ejMV1Rd46USrgVX2R0CALXIxPkk1IEN8hHmzIGz2D HHJuAvrlroc= =di1X -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . The Red Hat OpenShift distributed tracing release notes provide information on the features and known issues: https://docs.openshift.com/container-platform/latest/distr_tracing/distributed-tracing-release-notes.html 3. Bugs fixed (https://bugzilla.redhat.com/): 1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet 1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic 5. JIRA issues fixed (https://issues.jboss.org/): TRACING-2235 - Release RHOSDT 2.1 6

Trust: 2.52

sources: NVD: CVE-2020-12762 // JVNDB: JVNDB-2020-005140 // VULMON: CVE-2020-12762 // PACKETSTORM: 165631 // PACKETSTORM: 166308 // PACKETSTORM: 166789 // PACKETSTORM: 175705 // PACKETSTORM: 176732 // PACKETSTORM: 158084 // PACKETSTORM: 166051 // PACKETSTORM: 164967 // PACKETSTORM: 165758

AFFECTED PRODUCTS

vendor:	fedoraproject	model:	fedora	scope:	eq	version:	30	Trust: 1.0
vendor:	json c	model:	json-c	scope:	lt	version:	0.15-20200726	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	12.04	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	31	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	10.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	20.04	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	19.10	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	32	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	siemens	model:	sinec ins	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinec ins	scope:	eq	version:	1.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	json c	model:	json-c	scope:	eq	version:	0.14 to	Trust: 0.8
vendor:	json c	model:	json-c	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2020-005140 // NVD: CVE-2020-12762

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-12762
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-12762
value:	HIGH
Trust: 0.8
VULMON:	CVE-2020-12762
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-12762
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9

nvd@nist.gov:	CVE-2020-12762
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2020-12762
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULMON: CVE-2020-12762 // JVNDB: JVNDB-2020-005140 // NVD: CVE-2020-12762

PROBLEMTYPE DATA

problemtype:	CWE-787	Trust: 1.0
problemtype:	CWE-190	Trust: 1.0
problemtype:	Integer overflow or wraparound (CWE-190) [NVD evaluation ]	Trust: 0.8
problemtype:	Out-of-bounds writing (CWE-787) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-005140 // NVD: CVE-2020-12762

TYPE

overflow

Trust: 0.2

sources: PACKETSTORM: 175705 // PACKETSTORM: 176732

PATCH

title:	Prevent out of boundary write on malicious input #592	url:	https://github.com/json-c/json-c/pull/592	Trust: 0.8
title:	Ubuntu Security Notice: json-c vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4360-1	Trust: 0.1
title:	Ubuntu Security Notice: json-c vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4360-4	Trust: 0.1
title:	Debian CVElist Bug Report Logs: json-c: CVE-2020-12762	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=136719ded61e273212f821541d12e175	Trust: 0.1
title:	Debian Security Advisories: DSA-4741-1 json-c -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=20b6b384fb69b76b5f17fc7ea1278139	Trust: 0.1
title:	Red Hat: Moderate: libfastjson security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20236431 - Security Advisory	Trust: 0.1
title:	Amazon Linux AMI: ALAS-2020-1381	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1381	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2020-1442	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2020-1442	Trust: 0.1
title:	Amazon Linux 2: ALAS2-2023-2079	url:	https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2023-2079	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-12762 log	Trust: 0.1
title:	Red Hat: Moderate: Release of OpenShift Serverless 1.20.0	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220434 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat OpenShift distributed tracing 2.1.0 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220318 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Release of containers for OSP 16.2 director operator tech preview	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220842 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Gatekeeper Operator v0.2 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20221081 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: Red Hat OpenShift GitOps security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220580 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Red Hat Advanced Cluster Management 2.2.11 security updates and bug fixes	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220856 - Security Advisory	Trust: 0.1
title:	Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.5.4 security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20221396 - Security Advisory	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1
title:	clamav-win32	url:	https://github.com/clamwin/clamav-win32	Trust: 0.1
title:	-	url:	https://github.com/vincent-deng/veracode-container-security-finding-parser	Trust: 0.1

sources: VULMON: CVE-2020-12762 // JVNDB: JVNDB-2020-005140

EXTERNAL IDS

db:	NVD	id:	CVE-2020-12762	Trust: 3.6
db:	SIEMENS	id:	SSA-637483	Trust: 1.1
db:	ICS CERT	id:	ICSA-22-258-05	Trust: 0.9
db:	JVN	id:	JVNVU99475301	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-005140	Trust: 0.8
db:	VULMON	id:	CVE-2020-12762	Trust: 0.1
db:	PACKETSTORM	id:	165631	Trust: 0.1
db:	PACKETSTORM	id:	166308	Trust: 0.1
db:	PACKETSTORM	id:	166789	Trust: 0.1
db:	PACKETSTORM	id:	175705	Trust: 0.1
db:	PACKETSTORM	id:	176732	Trust: 0.1
db:	PACKETSTORM	id:	158084	Trust: 0.1
db:	PACKETSTORM	id:	166051	Trust: 0.1
db:	PACKETSTORM	id:	164967	Trust: 0.1
db:	PACKETSTORM	id:	165758	Trust: 0.1

sources: VULMON: CVE-2020-12762 // JVNDB: JVNDB-2020-005140 // PACKETSTORM: 165631 // PACKETSTORM: 166308 // PACKETSTORM: 166789 // PACKETSTORM: 175705 // PACKETSTORM: 176732 // PACKETSTORM: 158084 // PACKETSTORM: 166051 // PACKETSTORM: 164967 // PACKETSTORM: 165758 // NVD: CVE-2020-12762

REFERENCES

url:	https://nvd.nist.gov/vuln/detail/cve-2020-12762	Trust: 1.7
url:	https://usn.ubuntu.com/4360-1/	Trust: 1.2
url:	https://security.gentoo.org/glsa/202006-13	Trust: 1.2
url:	https://github.com/json-c/json-c/pull/592	Trust: 1.1
url:	https://github.com/rsyslog/libfastjson/issues/161	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2020/05/msg00032.html	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2020/05/msg00034.html	Trust: 1.1
url:	https://usn.ubuntu.com/4360-4/	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2020/07/msg00031.html	Trust: 1.1
url:	https://www.debian.org/security/2020/dsa-4741	Trust: 1.1
url:	https://security.netapp.com/advisory/ntap-20210521-0001/	Trust: 1.1
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Trust: 1.1
url:	https://lists.debian.org/debian-lts-announce/2023/06/msg00023.html	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/cqqrrgbqcawnccj2hn3w5sscz4qgmxqi/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/cbr36ixybhitazfb5pfbjted22wo5onb/	Trust: 1.1
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/w226tscjbeoxdufvknwnh7etg7ar6mcs/	Trust: 1.1
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05	Trust: 0.9
url:	http://jvn.jp/vu/jvnvu99475301/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-16135	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-3200	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5827	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-13435	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-5827	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-24370	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-13751	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-19603	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-17594	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-3572	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-12762	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-36086	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13750	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13751	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-22898	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-16135	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-36084	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-3800	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17594	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-36087	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-3445	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13435	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-19603	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-22925	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-18218	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-20232	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-20838	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-22876	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-20231	Trust: 0.6
url:	https://listman.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2020-14155	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-20838	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-36085	Trust: 0.6
url:	https://bugzilla.redhat.com/):	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-33560	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-17595	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-42574	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14155	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-28153	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-13750	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-3426	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2019-18218	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-3580	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-17595	Trust: 0.6
url:	https://access.redhat.com/security/team/contact/	Trust: 0.6
url:	https://access.redhat.com/security/updates/classification/#moderate	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2021-27645	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-33574	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-35942	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24370	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2021-3712	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20231	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20232	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-28153	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22925	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22898	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22876	Trust: 0.4
url:	https://access.redhat.com/security/cve/cve-2020-14145	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2020-14145	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-3778	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-20266	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-3796	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33560	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27645	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3200	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-33574	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2021-3521	Trust: 0.3
url:	https://access.redhat.com/articles/11258	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2018-25013	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-37750	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25012	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-35522	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-35524	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25013	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25009	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-43527	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-10001	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-25014	Trust: 0.2
url:	https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-25012	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-35521	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2016-4658	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-17541	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-36331	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-31535	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-36330	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2016-4658	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-36332	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25010	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-10001	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-20271	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-25014	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-3481	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-25009	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-25010	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2020-35523	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-4122	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-44716	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2022-24407	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3426	Trust: 0.2
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3445	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2021-36221	Trust: 0.2
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1835253	Trust: 0.2
url:	https://issues.jboss.org/):	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/787.html	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/190.html	Trust: 0.1
url:	https://github.com/clamwin/clamav-win32	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27823	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3733	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-1870	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3575	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30758	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-13558	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-15389	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33938	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-5727	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33929	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5785	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-41617	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30665	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-12973	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30689	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20847	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30682	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33928	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22946	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-18032	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-1801	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33930	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-1765	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-20845	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-26927	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-20847	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27918	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30749	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30795	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-5785	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-1788	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5727	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30744	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-21775	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-21806	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27814	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36241	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30797	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-13558	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20321	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27842	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-1799	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-21779	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-29623	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3948	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-22947	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27828	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12973	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20845	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-1844	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-1871	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-29338	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30734	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-26926	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30720	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-28650	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27843	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24870	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27845	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-1789	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30663	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-30799	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3272	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0202	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-15389	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27824	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3984	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3521	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4193	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-3572	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3872	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0842	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4019	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4192	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-25315	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-25710	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0492	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-25236	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-21684	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-25235	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23308	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-4154	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25710	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-41190	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23852	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22822	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22823	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22827	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0392	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0261	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-0920	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-31566	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22826	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-23177	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3999	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-25709	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22817	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0413	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0847	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:1396	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23219	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22824	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-45960	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-3577	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-23218	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22825	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0435	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23177	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0532	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-46143	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22942	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2014-3577	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0330	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0516	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-22816	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-21684	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-31566	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0361	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0778	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0359	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-0318	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-0920	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-25709	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-44717	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2023:6976	Trust: 0.1
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index	Trust: 0.1
url:	https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_6976.json	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2024:0411	Trust: 0.1
url:	https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0411.json	Trust: 0.1
url:	https://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0580	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-40346	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-39241	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2022-24348	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20271	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-44790	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23133	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3573	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26141	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-27777	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26147	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2019-14615	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23841	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-17541	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36386	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-29650	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24587	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26144	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-29155	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33033	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20197	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3487	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-0427	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36312	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-31829	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-23840	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-31440	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26145	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3564	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-35448	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20673	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3489	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2018-20673	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24503	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-28971	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26146	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26139	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3679	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24588	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-36158	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24504	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33194	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3348	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24503	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20284	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-29646	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-0427	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14615	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24502	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-0129	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3635	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26143	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-29368	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20194	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3659	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-33200	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-29660	Trust: 0.1
url:	https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-26140	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3600	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2020-24586	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-20239	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-24502	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-3732	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-28950	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2021:4627	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-31916	Trust: 0.1
url:	https://docs.openshift.com/container-platform/latest/distr_tracing/distr_tracing_install/distr-tracing-updating.html	Trust: 0.1
url:	https://docs.openshift.com/container-platform/latest/distr_tracing/distributed-tracing-release-notes.html	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2022:0318	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2021-29923	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-20266	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-29923	Trust: 0.1

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 165631 // PACKETSTORM: 166308 // PACKETSTORM: 166789 // PACKETSTORM: 175705 // PACKETSTORM: 176732 // PACKETSTORM: 166051 // PACKETSTORM: 164967 // PACKETSTORM: 165758

SOURCES

db:	VULMON	id:	CVE-2020-12762
db:	JVNDB	id:	JVNDB-2020-005140
db:	PACKETSTORM	id:	165631
db:	PACKETSTORM	id:	166308
db:	PACKETSTORM	id:	166789
db:	PACKETSTORM	id:	175705
db:	PACKETSTORM	id:	176732
db:	PACKETSTORM	id:	158084
db:	PACKETSTORM	id:	166051
db:	PACKETSTORM	id:	164967
db:	PACKETSTORM	id:	165758
db:	NVD	id:	CVE-2020-12762

LAST UPDATE DATE

2025-04-28T22:30:17.634000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2020-12762	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2020-005140	date:	2022-09-20T05:36:00
db:	NVD	id:	CVE-2020-12762	date:	2024-11-21T05:00:13.950

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2020-12762	date:	2020-05-09T00:00:00
db:	JVNDB	id:	JVNDB-2020-005140	date:	2020-06-08T00:00:00
db:	PACKETSTORM	id:	165631	date:	2022-01-20T17:48:29
db:	PACKETSTORM	id:	166308	date:	2022-03-15T15:41:45
db:	PACKETSTORM	id:	166789	date:	2022-04-20T15:12:33
db:	PACKETSTORM	id:	175705	date:	2023-11-15T14:03:19
db:	PACKETSTORM	id:	176732	date:	2024-01-26T15:22:22
db:	PACKETSTORM	id:	158084	date:	2020-06-15T17:12:58
db:	PACKETSTORM	id:	166051	date:	2022-02-18T16:37:39
db:	PACKETSTORM	id:	164967	date:	2021-11-15T17:25:56
db:	PACKETSTORM	id:	165758	date:	2022-01-28T14:33:13
db:	NVD	id:	CVE-2020-12762	date:	2020-05-09T18:15:11.283