ID

VAR-202012-1277


CVE

CVE-2020-8284


TITLE

HAXX libcurl Information disclosure vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202012-754

DESCRIPTION

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. HAXX Haxx curl is a set of file transfer tools that use the URL syntax to work under the command line of the Swedish Haxx (HAXX) company. The tool supports file upload and download and includes a libcurl (client URL transfer library) for program development. Attackers can use this vulnerability to bypass data access restrictions and obtain sensitive information through curl's FTP PASV Responses. CVE-2020-8177 sn reported that curl could be tricked by a malicious server into overwriting a local file when using th -J (--remote-header-name) and -i (--include) options in the same command line. CVE-2020-8231 Marc Aldorasi reported that libcurl might use the wrong connection when an application using libcurl's multi API sets the option CURLOPT_CONNECT_ONLY, which could lead to information leaks. CVE-2020-8285 xnynx reported that libcurl could run out of stack space when using tha FTP wildcard matching functionality (CURLOPT_CHUNK_BGN_FUNCTION). CVE-2020-8286 It was reported that libcurl didn't verify that an OCSP response actually matches the certificate it is intended to. CVE-2021-22876 Viktor Szakats reported that libcurl does not strip off user credentials from the URL when automatically populating the Referer HTTP request header field in outgoing HTTP requests. CVE-2021-22890 Mingtao Yang reported that, when using an HTTPS proxy and TLS 1.3, libcurl could confuse session tickets arriving from the HTTPS proxy as if they arrived from the remote server instead. This could allow an HTTPS proxy to trick libcurl into using the wrong session ticket for the host and thereby circumvent the server TLS certificate check. For the stable distribution (buster), these problems have been fixed in version 7.64.0-4+deb10u2. We recommend that you upgrade your curl packages. For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEBsId305pBx+F583DbwzL4CFiRygFAmBkQCoACgkQbwzL4CFi Ryg6Gg/+LqhhJ8+D7skevVkYzxHzdH2yT/XMeoYp0D37yHmEfH9PyjXwfplG+XEw /xwFRBK8qxD1ja+rQddYyeTvi1OMnMgMS3UsRHlfeMnLxh2+oHnvHDYG848npUEZ Rq4YFoc/n9YTAJZP/G4oiuBeXqH2Sqa5hSNT6VrYfRciCxkYnzA78b85KpI8aYyR lhfiJMNpwrqDbt/QzblpELBkGMIV402VeiqDwHfcVzm2E810xXQNLvPMbWtvDYkA TSrNsdqfuFr1tuQSZY6CGSWEyXtB/tOo8+pvUixlJMBWJMl5TXEcJkD5ckehx0yb C3n9yapfklxHiG9lD4zwwIJDqd3Y4SxdDiSlUC4OhdvpwniMygX0S3ICaPA4iac/ cWanml0Fop3OmRy+vQURTd3sADoT5HoRSUXZVU+HdTrRaEt2xs5okZkWSd3yr4Ux i+HgjUAFkkk8DLRB68Bbpx1LGxFGQT7L8yd4wsWINXlzASIP1A5dnNfE5w0VWOHG 3KDq47wNfjuiZC8GXW+HQCxz5MijnS8Y/Egl0OozNFDwEitNBZEsIjpZaZBdZIwi UFfcK7+u/y/TRY54rA4erkdcHFwpYW5EZVGdb7Z+WPWVlzw0ImXrM68LSAhHQaqW 1Hx4VwwwTsMIPnrx2kriRiiDPOW1r5Kip3yHa+QZLedSRGibQWk= =001T -----END PGP SIGNATURE----- . Bugs fixed (https://bugzilla.redhat.com/): 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1945703 - "Guest OS Info" availability in VMI describe is flaky 1958816 - [2.6.z] KubeMacPool fails to start due to OOM likely caused by a high number of Pods running in the cluster 1963275 - migration controller null pointer dereference 1965099 - Live Migration double handoff to virt-handler causes connection failures 1965181 - CDI importer doesn't report AwaitingVDDK like it used to 1967086 - Cloning DataVolumes between namespaces fails while creating cdi-upload pod 1967887 - [2.6.6] nmstate is not progressing on a node and not configuring vlan filtering that causes an outage for VMs 1969756 - Windows VMs fail to start on air-gapped environments 1970372 - Virt-handler fails to verify container-disk 1973227 - segfault in virt-controller during pdb deletion 1974084 - 2.6.6 containers 1975212 - No Virtual Machine Templates Found [EDIT - all templates are marked as depracted] 1975727 - [Regression][VMIO][Warm] The third precopy does not end in warm migration 1977756 - [2.6.z] PVC keeps in pending when using hostpath-provisioner 1982760 - [v2v] no kind VirtualMachine is registered for version \"kubevirt.io/v1\" i... 1986989 - OpenShift Virtualization 2.6.z cannot be upgraded to 4.8.0 initially deployed starting with <= 4.8 5. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux BaseOS (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update Advisory ID: RHSA-2021:2471-01 Product: Red Hat JBoss Core Services Advisory URL: https://access.redhat.com/errata/RHSA-2021:2471 Issue date: 2021-06-17 CVE Names: CVE-2020-8169 CVE-2020-8284 CVE-2020-8285 CVE-2020-8286 CVE-2021-22876 CVE-2021-22890 CVE-2021-22901 CVE-2021-31618 ===================================================================== 1. Summary: Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 8 zip release for RHEL 7, RHEL 8 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 8 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release. Security Fix(es): * curl: Use-after-free in TLS session handling when using OpenSSL TLS backend (CVE-2021-22901) * httpd: NULL pointer dereference on specially crafted HTTP/2 request (CVE-2021-31618) * libcurl: partial password leak over DNS on HTTP redirect (CVE-2020-8169) * curl: FTP PASV command response can cause curl to connect to arbitrary host (CVE-2020-8284) * curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used (CVE-2020-8285) * curl: Inferior OCSP verification (CVE-2020-8286) * curl: Leak of authentication credentials in URL via automatic Referer (CVE-2021-22876) * curl: TLS 1.3 session ticket mix-up with HTTPS proxy host (CVE-2021-22890) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. The References section of this erratum contains a download link for the update. You must be logged in to download the update. 4. Bugs fixed (https://bugzilla.redhat.com/): 1847916 - CVE-2020-8169 libcurl: partial password leak over DNS on HTTP redirect 1902667 - CVE-2020-8284 curl: FTP PASV command response can cause curl to connect to arbitrary host 1902687 - CVE-2020-8285 curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used 1906096 - CVE-2020-8286 curl: Inferior OCSP verification 1941964 - CVE-2021-22876 curl: Leak of authentication credentials in URL via automatic Referer 1941965 - CVE-2021-22890 curl: TLS 1.3 session ticket mix-up with HTTPS proxy host 1963146 - CVE-2021-22901 curl: Use-after-free in TLS session handling when using OpenSSL TLS backend 1968013 - CVE-2021-31618 httpd: NULL pointer dereference on specially crafted HTTP/2 request 5. References: https://access.redhat.com/security/cve/CVE-2020-8169 https://access.redhat.com/security/cve/CVE-2020-8284 https://access.redhat.com/security/cve/CVE-2020-8285 https://access.redhat.com/security/cve/CVE-2020-8286 https://access.redhat.com/security/cve/CVE-2021-22876 https://access.redhat.com/security/cve/CVE-2021-22890 https://access.redhat.com/security/cve/CVE-2021-22901 https://access.redhat.com/security/cve/CVE-2021-31618 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.37 https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.openssl&downloadType=securityPatches&version=1.1.1g https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.37/ 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYMszstzjgjWX9erEAQgW2Q//cZOMa4KOvz7KejR03sHk7m8aMHDRdPDe Ki6PTe99phprmuXNPOCPGFuWDXbdpAlyEx3Elt3Ah+vmpV+K7ThwXGXJkGwb6mol 2xAFvcwxxO6GNsCl8gYW+JTG+5HYLZ/U4q3lgHId9qfzmuRRg0zwOuwZC7y7R6kP 3H1o1WRiIKEA1oHCh3f3OizTrkOcBZsWINsJ2ggW+ZqVeve4PJH55F3JwCJbIuhd kUhe1QQjiANWq4m/+QkTRtIYzahqK+lIubpoU5P+sFosc7ASUGe29ZPC9LsfY4hx 61bSxXbxTv2wcBaUrg/TAxRplQdHRbZe8s8eWhMtDoNHRqujYOiKHUnBgdoY6oLd 3gfAGI3w2NnWRDodGDGXfuDu6hncAukvxqOO/tOnRd2n7/R52ewGCsNKvsf/OHRG 1X7UeD4DJvXiqBNOtPaqOjR3q7xdO5MhYtkvh/8mzvhx5X/CojUWRWmtSdJDhpvQ POl+hJjFqEFTUJk/VGDJ7HsIs5OqeoV0pURP3VvYyBF75xp3aYI8Gfb1wLoqXmp2 iFhSTskqEc42iMvG/Ks5Rb1wQLrJ4RNgxunGofmNQusjgN406aAqvE79a6JUmt/z 7Z6i8Tvy9PGgNtbnalyxbikpA8Qcoxoij2pbIcSNIJXW+mA74QtI3AC4+4m0V90H butyhmDY1nQ= =gsJD -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Bugs fixed (https://bugzilla.redhat.com/): 1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1928172 - CVE-2020-13949 libthrift: potential DoS when processing untrusted payloads 1928937 - CVE-2021-23337 nodejs-lodash: command injection via template 1928954 - CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions 5. ========================================================================== Ubuntu Security Notice USN-4665-1 December 09, 2020 curl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in curl. This could result in data being sent to the wrong destination, possibly exposing sensitive information. This issue only affected Ubuntu 20.10. (CVE-2020-8231) Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. (CVE-2020-8284) It was discovered that curl incorrectly handled FTP wildcard matchins. A remote attacker could possibly use this issue to cause curl to consume resources and crash, resulting in a denial of service. (CVE-2020-8285) It was discovered that curl incorrectly handled OCSP response verification. A remote attacker could possibly use this issue to provide a fraudulent OCSP response. (CVE-2020-8286) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.10: curl 7.68.0-1ubuntu4.2 libcurl3-gnutls 7.68.0-1ubuntu4.2 libcurl3-nss 7.68.0-1ubuntu4.2 libcurl4 7.68.0-1ubuntu4.2 Ubuntu 20.04 LTS: curl 7.68.0-1ubuntu2.4 libcurl3-gnutls 7.68.0-1ubuntu2.4 libcurl3-nss 7.68.0-1ubuntu2.4 libcurl4 7.68.0-1ubuntu2.4 Ubuntu 18.04 LTS: curl 7.58.0-2ubuntu3.12 libcurl3-gnutls 7.58.0-2ubuntu3.12 libcurl3-nss 7.58.0-2ubuntu3.12 libcurl4 7.58.0-2ubuntu3.12 Ubuntu 16.04 LTS: curl 7.47.0-1ubuntu2.18 libcurl3 7.47.0-1ubuntu2.18 libcurl3-gnutls 7.47.0-1ubuntu2.18 libcurl3-nss 7.47.0-1ubuntu2.18 In general, a standard system update will make all the necessary changes

Trust: 1.62

sources: NVD: CVE-2020-8284 // VULHUB: VHN-186409 // VULMON: CVE-2020-8284 // PACKETSTORM: 169015 // PACKETSTORM: 163789 // PACKETSTORM: 162629 // PACKETSTORM: 163193 // PACKETSTORM: 163276 // PACKETSTORM: 160423

AFFECTED PRODUCTS

vendor:fedoraprojectmodel:fedorascope:eqversion:33

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.0.1

Trust: 1.0

vendor:oraclemodel:essbasescope:eqversion:21.2

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:fujitsumodel:m12-2sscope:ltversion:xcp3110

Trust: 1.0

vendor:netappmodel:clustered data ontapscope:eqversion: -

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:ltversion:8.2.12

Trust: 1.0

vendor:oraclemodel:communications billing and revenue managementscope:eqversion:12.0.0.3.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:siemensmodel:sinec infrastructure network servicesscope:ltversion:1.0.1.1

Trust: 1.0

vendor:fujitsumodel:m10-1scope:ltversion:xcp3110

Trust: 1.0

vendor:fujitsumodel:m10-4sscope:ltversion:xcp3110

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:haxxmodel:curlscope:lteversion:7.73.0

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.14.6

Trust: 1.0

vendor:fujitsumodel:m10-4scope:ltversion:xcp2410

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:eqversion:9.1.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:32

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:ltversion:9.0.6

Trust: 1.0

vendor:netappmodel:solidfirescope:eqversion: -

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.1

Trust: 1.0

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.58

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:gteversion:9.0.0

Trust: 1.0

vendor:fujitsumodel:m12-2scope:ltversion:xcp2410

Trust: 1.0

vendor:applemodel:macosscope:eqversion:11.2

Trust: 1.0

vendor:splunkmodel:universal forwarderscope:gteversion:8.2.0

Trust: 1.0

vendor:fujitsumodel:m12-1scope:ltversion:xcp2410

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:netappmodel:hci management nodescope:eqversion: -

Trust: 1.0

vendor:fujitsumodel:m10-4scope:ltversion:xcp3110

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.14.6

Trust: 1.0

vendor:fujitsumodel:m12-2scope:ltversion:xcp3110

Trust: 1.0

vendor:netappmodel:hci storage nodescope:eqversion: -

Trust: 1.0

vendor:fujitsumodel:m12-2sscope:ltversion:xcp2410

Trust: 1.0

vendor:netappmodel:hci bootstrap osscope:eqversion: -

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.14.0

Trust: 1.0

vendor:fujitsumodel:m12-1scope:ltversion:xcp3110

Trust: 1.0

vendor:fujitsumodel:m10-4sscope:ltversion:xcp2410

Trust: 1.0

vendor:fujitsumodel:m10-1scope:ltversion:xcp2410

Trust: 1.0

vendor:oraclemodel:communications cloud native core policyscope:eqversion:1.14.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

sources: NVD: CVE-2020-8284

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-8284
value: LOW

Trust: 1.0

CNNVD: CNNVD-202012-754
value: LOW

Trust: 0.6

VULHUB: VHN-186409
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-8284
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-8284
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-186409
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-8284
baseSeverity: LOW
baseScore: 3.7
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-186409 // VULMON: CVE-2020-8284 // CNNVD: CNNVD-202012-754 // NVD: CVE-2020-8284

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.1

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-186409 // NVD: CVE-2020-8284

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202012-754

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202012-754

PATCH

title:Haxx curl Repair measures for information disclosure vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=137264

Trust: 0.6

title:Debian CVElist Bug Report Logs: curl: CVE-2020-8284: trusting FTP PASV responsesurl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=0ffb05dc08c6c9f5251a5fb47d2c1b45

Trust: 0.1

title:IBM: Security Bulletin: IBM MQ is affected by a vulnerability within libcurl (CVE-2020-8284)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=8dce374d73a7e6e542a5aecc279d3c25

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-8284 log

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1693url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1693

Trust: 0.1

title:Debian Security Advisories: DSA-4881-1 curl -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=a9706a30f62799ecc4d45bdb53c244eb

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=4a9822530e6b610875f83ffc10e02aba

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d

Trust: 0.1

title:evilFTPurl:https://github.com/vp777/evilFTP

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2021-40491

Trust: 0.1

title:surferFTPurl:https://github.com/vp777/surferFTP

Trust: 0.1

title:clair-clienturl:https://github.com/indece-official/clair-client

Trust: 0.1

title:PIA-PCurl:https://github.com/zanezhub/PIA-PC

Trust: 0.1

title:myapp-container-jaxrsurl:https://github.com/akiraabe/myapp-container-jaxrs

Trust: 0.1

sources: VULMON: CVE-2020-8284 // CNNVD: CNNVD-202012-754

EXTERNAL IDS

db:NVDid:CVE-2020-8284

Trust: 2.4

db:SIEMENSid:SSA-389290

Trust: 1.7

db:HACKERONEid:1040166

Trust: 1.7

db:PACKETSTORMid:163276

Trust: 0.8

db:PACKETSTORMid:160423

Trust: 0.8

db:PACKETSTORMid:162629

Trust: 0.8

db:PACKETSTORMid:160436

Trust: 0.7

db:PACKETSTORMid:160706

Trust: 0.7

db:PACKETSTORMid:163267

Trust: 0.7

db:PACKETSTORMid:163496

Trust: 0.7

db:AUSCERTid:ESB-2020.4343

Trust: 0.6

db:AUSCERTid:ESB-2020.4364

Trust: 0.6

db:AUSCERTid:ESB-2021.1700

Trust: 0.6

db:AUSCERTid:ESB-2021.1866

Trust: 0.6

db:AUSCERTid:ESB-2021.2657

Trust: 0.6

db:AUSCERTid:ESB-2021.2711

Trust: 0.6

db:AUSCERTid:ESB-2020.4506

Trust: 0.6

db:AUSCERTid:ESB-2023.3146

Trust: 0.6

db:AUSCERTid:ESB-2021.1841

Trust: 0.6

db:AUSCERTid:ESB-2021.2228

Trust: 0.6

db:AUSCERTid:ESB-2022.6150

Trust: 0.6

db:AUSCERTid:ESB-2021.2180

Trust: 0.6

db:AUSCERTid:ESB-2021.0631

Trust: 0.6

db:AUSCERTid:ESB-2020.4534

Trust: 0.6

db:AUSCERTid:ESB-2021.2471

Trust: 0.6

db:AUSCERTid:ESB-2021.2365

Trust: 0.6

db:AUSCERTid:ESB-2021.3141

Trust: 0.6

db:AUSCERTid:ESB-2021.4058

Trust: 0.6

db:AUSCERTid:ESB-2021.1114

Trust: 0.6

db:PACKETSTORMid:164192

Trust: 0.6

db:CS-HELPid:SB2021062315

Trust: 0.6

db:CS-HELPid:SB2021062703

Trust: 0.6

db:CS-HELPid:SB2021071516

Trust: 0.6

db:CS-HELPid:SB2021072050

Trust: 0.6

db:CS-HELPid:SB2021051406

Trust: 0.6

db:CS-HELPid:SB2021092220

Trust: 0.6

db:CS-HELPid:SB2022031104

Trust: 0.6

db:CS-HELPid:SB2021052026

Trust: 0.6

db:CNNVDid:CNNVD-202012-754

Trust: 0.6

db:PACKETSTORMid:163193

Trust: 0.2

db:PACKETSTORMid:163197

Trust: 0.1

db:PACKETSTORMid:163257

Trust: 0.1

db:VULHUBid:VHN-186409

Trust: 0.1

db:VULMONid:CVE-2020-8284

Trust: 0.1

db:PACKETSTORMid:169015

Trust: 0.1

db:PACKETSTORMid:163789

Trust: 0.1

sources: VULHUB: VHN-186409 // VULMON: CVE-2020-8284 // PACKETSTORM: 169015 // PACKETSTORM: 163789 // PACKETSTORM: 162629 // PACKETSTORM: 163193 // PACKETSTORM: 163276 // PACKETSTORM: 160423 // CNNVD: CNNVD-202012-754 // NVD: CVE-2020-8284

REFERENCES

url:https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20210122-0007/

Trust: 1.7

url:https://support.apple.com/kb/ht212325

Trust: 1.7

url:https://support.apple.com/kb/ht212326

Trust: 1.7

url:https://support.apple.com/kb/ht212327

Trust: 1.7

url:https://www.debian.org/security/2021/dsa-4881

Trust: 1.7

url:https://security.gentoo.org/glsa/202012-14

Trust: 1.7

url:https://curl.se/docs/cve-2020-8284.html

Trust: 1.7

url:https://hackerone.com/reports/1040166

Trust: 1.7

url:https://www.oracle.com//security-alerts/cpujul2021.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2021.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujan2022.html

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-8284

Trust: 1.1

url:https://access.redhat.com/security/cve/cve-2020-8284

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/nzuvsqhn2eshmjxnq2z7t2eelbb5hjxg/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/daehe2s2qlo4ao4meeyl75nb7sah5psl/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/daehe2s2qlo4ao4meeyl75nb7sah5psl/

Trust: 0.7

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/nzuvsqhn2eshmjxnq2z7t2eelbb5hjxg/

Trust: 0.7

url:https://packetstormsecurity.com/files/164192/red-hat-security-advisory-2021-3556-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1866

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1700

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2657

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0631

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2711

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1841

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4343/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.3146

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-curl-libcurl-vulnerabilites-impacting-aspera-high-speed-transfer-server-aspera-high-speed-transfer-endpoint-aspera-desktop-client-4-0-and-earlier-cve-2020-8284-cve-2020-8286-c/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.6150

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1114

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2365

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-vulnerabilities-in-curl-affect-powersc-cve-2020-8284-cve-2020-8285-and-cve-2020-8286/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2180

Trust: 0.6

url:https://packetstormsecurity.com/files/162629/red-hat-security-advisory-2021-1610-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/163276/red-hat-security-advisory-2021-2543-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021052026

Trust: 0.6

url:https://packetstormsecurity.com/files/160706/gentoo-linux-security-advisory-202012-14.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021072050

Trust: 0.6

url:https://packetstormsecurity.com/files/163496/red-hat-security-advisory-2021-2705-01.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/curl-information-disclosure-via-ftp-pasv-responses-34066

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2228

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062703

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021092220

Trust: 0.6

url:https://support.apple.com/en-us/ht212325

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4534/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4364/

Trust: 0.6

url:https://packetstormsecurity.com/files/160436/ubuntu-security-notice-usn-4665-2.html

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6520474

Trust: 0.6

url:https://support.apple.com/en-us/ht212327

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4506/

Trust: 0.6

url:https://packetstormsecurity.com/files/163267/red-hat-security-advisory-2021-2532-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2471

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021071516

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021062315

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4058

Trust: 0.6

url:https://packetstormsecurity.com/files/160423/ubuntu-security-notice-usn-4665-1.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051406

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3141

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-affected-by-a-vulnerability-within-libcurl-cve-2020-8284/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022031104

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2020-8285

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-8286

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-8231

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-8286

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-8285

Trust: 0.4

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://bugzilla.redhat.com/):

Trust: 0.4

url:https://access.redhat.com/security/team/contact/

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-8231

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-22876

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8169

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-22890

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-28196

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-15358

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2017-14502

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-13434

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-27219

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-29362

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-13434

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2017-14502

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-10228

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-9169

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26116

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-25013

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-29361

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-27619

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3177

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-9169

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3326

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-25013

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-2708

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-23336

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-8927

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-29363

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3114

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-2708

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-10228

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-27618

Trust: 0.2

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://security-tracker.debian.org/tracker/curl

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-8177

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25039

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14347

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25712

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23240

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12364

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3520

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9951

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25037

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23239

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36242

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25037

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3537

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33909

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3518

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-32399

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9948

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-13012

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28935

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3516

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25034

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25035

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14866

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25038

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14345

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14866

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13584

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-26137

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14360

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25040

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13584

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3517

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3560

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25042

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20201

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25042

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25038

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25659

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3541

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25041

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:3119

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25217

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25036

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20271

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-25215

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-9983

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25036

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14344

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25035

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14345

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14344

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14362

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14361

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-12363

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28211

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25039

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-13012

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14346

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-25040

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-12364

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25041

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33910

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-25034

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1610

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22901

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp&downloadtype=securitypatches&version=2.4.37

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-22901

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.openssl&downloadtype=securitypatches&version=1.1.1g

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22876

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.37/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22890

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-31618

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-31618

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2471

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-8169

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28500

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28500

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-26116

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20305

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15358

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20305

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13949

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28362

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/jaeger/jaeger_install/rhb

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28362

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27618

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-3842

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29361

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-8927

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13776

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-29363

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:2543

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24977

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-3842

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13776

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-23336

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3449

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13949

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-27619

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3450

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-23337

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-24977

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-28196

Trust: 0.1

url:https://usn.ubuntu.com/4665-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.12

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu4.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/curl/7.47.0-1ubuntu2.18

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.4

Trust: 0.1

sources: VULHUB: VHN-186409 // PACKETSTORM: 169015 // PACKETSTORM: 163789 // PACKETSTORM: 162629 // PACKETSTORM: 163193 // PACKETSTORM: 163276 // PACKETSTORM: 160423 // CNNVD: CNNVD-202012-754 // NVD: CVE-2020-8284

CREDITS

Red Hat

Trust: 1.0

sources: PACKETSTORM: 163789 // PACKETSTORM: 162629 // PACKETSTORM: 163193 // PACKETSTORM: 163276 // CNNVD: CNNVD-202012-754

SOURCES

db:VULHUBid:VHN-186409
db:VULMONid:CVE-2020-8284
db:PACKETSTORMid:169015
db:PACKETSTORMid:163789
db:PACKETSTORMid:162629
db:PACKETSTORMid:163193
db:PACKETSTORMid:163276
db:PACKETSTORMid:160423
db:CNNVDid:CNNVD-202012-754
db:NVDid:CVE-2020-8284

LAST UPDATE DATE

2025-09-15T20:22:11.024000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-186409date:2022-05-13T00:00:00
db:VULMONid:CVE-2020-8284date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202012-754date:2023-06-05T00:00:00
db:NVDid:CVE-2020-8284date:2024-11-21T05:38:39.193

SOURCES RELEASE DATE

db:VULHUBid:VHN-186409date:2020-12-14T00:00:00
db:VULMONid:CVE-2020-8284date:2020-12-14T00:00:00
db:PACKETSTORMid:169015date:2021-03-28T19:12:00
db:PACKETSTORMid:163789date:2021-08-11T16:15:17
db:PACKETSTORMid:162629date:2021-05-19T13:56:56
db:PACKETSTORMid:163193date:2021-06-17T18:01:23
db:PACKETSTORMid:163276date:2021-06-24T17:54:53
db:PACKETSTORMid:160423date:2020-12-09T16:29:45
db:CNNVDid:CNNVD-202012-754date:2020-12-09T00:00:00
db:NVDid:CVE-2020-8284date:2020-12-14T20:15:13.903