what you don't know can hurt you
Showing 1 - 5 of 5 RSS Feed

CVE-2020-8286

Status Candidate

Overview

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

Related Files

Apple Security Advisory 2021-04-26-4
Posted Apr 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-04-26-4 - Security Update 2021-003 Mojave addresses buffer overflow, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2020-27942, CVE-2020-3838, CVE-2020-8037, CVE-2020-8285, CVE-2020-8286, CVE-2021-1739, CVE-2021-1784, CVE-2021-1797, CVE-2021-1805, CVE-2021-1806, CVE-2021-1808, CVE-2021-1809, CVE-2021-1811, CVE-2021-1813, CVE-2021-1828, CVE-2021-1834, CVE-2021-1839, CVE-2021-1840, CVE-2021-1843, CVE-2021-1847, CVE-2021-1851, CVE-2021-1857, CVE-2021-1860, CVE-2021-1868, CVE-2021-1873, CVE-2021-1875, CVE-2021-1876, CVE-2021-1878
MD5 | b57ad74ebe7224e818dfd682616dc528
Apple Security Advisory 2021-04-26-3
Posted Apr 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-04-26-3 - Security Update 2021-002 Catalina addresses buffer overflow, bypass, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2020-27942, CVE-2020-3838, CVE-2020-8037, CVE-2020-8285, CVE-2020-8286, CVE-2021-1739, CVE-2021-1740, CVE-2021-1784, CVE-2021-1797, CVE-2021-1808, CVE-2021-1809, CVE-2021-1810, CVE-2021-1811, CVE-2021-1813, CVE-2021-1824, CVE-2021-1828, CVE-2021-1834, CVE-2021-1839, CVE-2021-1840, CVE-2021-1843, CVE-2021-1847, CVE-2021-1851, CVE-2021-1857, CVE-2021-1860, CVE-2021-1868, CVE-2021-1873, CVE-2021-1875, CVE-2021-1876
MD5 | 9f006d6e8a5b2d11ef5b60478ef0104c
Apple Security Advisory 2021-04-26-2
Posted Apr 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-04-26-2 - macOS Big Sur 11.3 addresses buffer overflow, bypass, code execution, cross site scripting, denial of service, double free, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution, xss
systems | apple
advisories | CVE-2020-7463, CVE-2020-8037, CVE-2020-8285, CVE-2020-8286, CVE-2021-1739, CVE-2021-1740, CVE-2021-1784, CVE-2021-1808, CVE-2021-1809, CVE-2021-1810, CVE-2021-1811, CVE-2021-1813, CVE-2021-1814, CVE-2021-1815, CVE-2021-1817, CVE-2021-1820, CVE-2021-1824, CVE-2021-1825, CVE-2021-1826, CVE-2021-1828, CVE-2021-1829, CVE-2021-1832, CVE-2021-1834, CVE-2021-1839, CVE-2021-1840, CVE-2021-1841, CVE-2021-1843, CVE-2021-1846
MD5 | 8b939e0c156d2772ca0874561cc78496
Gentoo Linux Security Advisory 202012-14
Posted Dec 24, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202012-14 - Multiple vulnerabilities have been found in cURL, the worst of which could result in information disclosure or data loss. Versions less than 7.74.0 are affected.

tags | advisory, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286
MD5 | e0d48e75aa862e7052b77e85c1692402
Ubuntu Security Notice USN-4665-1
Posted Dec 9, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4665-1 - Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information. This issue only affected Ubuntu 20.10. Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to trick curl into connecting to an arbitrary IP address and be used to perform port scanner and other information gathering. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286
MD5 | 9b9a20e2d0e66756f1b80b9137edad83
Page 1 of 1
Back1Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    27 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    0 Files
  • 10
    May 10th
    0 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close