CVE-2020-12823

Опубликовано: 12 мая 2020

Источник: debian

EPSS Низкий

Описание

OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
openconnect	fixed	8.10-1		package

Примечания

https://gitlab.com/openconnect/openconnect/-/merge_requests/108
Only triggerable by local certs, which are under the control of the user

EPSS

Процентиль: 83%

0.01863

Низкий

Связанные уязвимости

CVE-2020-12823

CVSS3: 9.8

ubuntu

больше 5 лет назад

OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.

CVE-2020-12823

CVSS3: 9.8

nvd

больше 5 лет назад

OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.

openSUSE-SU-2020:1027-1

suse-cvrf

больше 5 лет назад

Security update for openconnect

openSUSE-SU-2020:0997-1

suse-cvrf

больше 5 лет назад

Security update for openconnect

SUSE-SU-2020:1930-1

suse-cvrf

больше 5 лет назад

Security update for openconnect

EPSS

Процентиль: 83%

0.01863

Низкий