exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

CVE-2020-8231

Status Candidate

Overview

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.

Related Files

Red Hat Security Advisory 2021-3556-01
Posted Sep 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3556-01 - Red Hat OpenShift Serverless 1.17.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7 and 4.8, and includes security and bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-9169, CVE-2020-13434, CVE-2020-15358, CVE-2020-27618, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-20271, CVE-2021-20305, CVE-2021-27218, CVE-2021-27918, CVE-2021-31525, CVE-2021-33195, CVE-2021-33196, CVE-2021-33197, CVE-2021-33198, CVE-2021-3326
MD5 | 969c710b954bad7d42237e2c7e01d431
Red Hat Security Advisory 2021-2705-01
Posted Jul 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2705-01 - Red Hat OpenShift Serverless 1.16.0 release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6 and 4.7, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section. Issues addressed include a memory exhaustion vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-27618, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-27219, CVE-2021-27918, CVE-2021-31525, CVE-2021-33196, CVE-2021-3326
MD5 | cf60d4cefd636ea32aced9b71992e9aa
Red Hat Security Advisory 2021-2543-01
Posted Jun 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2543-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-13949, CVE-2020-15358, CVE-2020-24977, CVE-2020-26116, CVE-2020-27618, CVE-2020-27619, CVE-2020-28196, CVE-2020-28362, CVE-2020-28500, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-20305, CVE-2021-23336
MD5 | 999fa032c4df34cdc39fca102e2f2111
Red Hat Security Advisory 2021-2532-01
Posted Jun 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2532-01 - Red Hat OpenShift Jaeger is Red Hat's distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-26116, CVE-2020-27618, CVE-2020-27619, CVE-2020-28196, CVE-2020-28362, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-20305, CVE-2021-23336, CVE-2021-27219, CVE-2021-3114
MD5 | 66a51cff0ef120e7619f58316d2306b6
Red Hat Security Advisory 2021-2130-01
Posted Jun 23, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2130-01 - Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-27618, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2020-8927, CVE-2021-20305, CVE-2021-25736, CVE-2021-27219, CVE-2021-3326, CVE-2021-3449, CVE-2021-3450
MD5 | fd9348f3bd9855d4db87c8b6ac37d8a0
Red Hat Security Advisory 2021-2479-01
Posted Jun 17, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2479-01 - Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2016-10228, CVE-2017-14502, CVE-2019-13012, CVE-2019-14866, CVE-2019-25013, CVE-2019-2708, CVE-2019-3842, CVE-2019-9169, CVE-2020-13434, CVE-2020-13543, CVE-2020-13584, CVE-2020-13776, CVE-2020-15358, CVE-2020-24977, CVE-2020-25659, CVE-2020-25678, CVE-2020-26116, CVE-2020-26137, CVE-2020-27618, CVE-2020-27619, CVE-2020-27783, CVE-2020-28196, CVE-2020-29361, CVE-2020-29362, CVE-2020-29363, CVE-2020-36242, CVE-2020-8231
MD5 | ab1ddf71e1b9a05b6be7d4ee52a51220
Red Hat Security Advisory 2021-1610-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1610-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286
MD5 | 66aaf3d3d46044d633d7a6bb831d1434
Gentoo Linux Security Advisory 202012-14
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-14 - Multiple vulnerabilities have been found in cURL, the worst of which could result in information disclosure or data loss. Versions less than 7.74.0 are affected.

tags | advisory, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286
MD5 | e0d48e75aa862e7052b77e85c1692402
Ubuntu Security Notice USN-4665-1
Posted Dec 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4665-1 - Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. This issue only affected Ubuntu 20.10. Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to trick curl into connecting to an arbitrary IP address and be used to perform port scanner and other information gathering. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286
MD5 | 9b9a20e2d0e66756f1b80b9137edad83
Ubuntu Security Notice USN-4466-2
Posted Aug 20, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4466-2 - USN-4466-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 ESM. Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-8231
MD5 | 522ed7acb4e8dbf21cd7d004af916da3
Ubuntu Security Notice USN-4466-1
Posted Aug 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4466-1 - Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-8231
MD5 | 05bcf7b1689c82fafb1614af7d438084
Page 1 of 1
Back1Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    28 Files
  • 23
    Sep 23rd
    13 Files
  • 24
    Sep 24th
    10 Files
  • 25
    Sep 25th
    1 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    20 Files
  • 28
    Sep 28th
    19 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close