Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-14929

Опубликовано: 19 июн. 2020
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:alpine_project:alpine:*:*:*:*:*:*:*:*
Версия до 2.23 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 59%
0.00383
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2020-14929

CVSS3: 7.5
ubuntu
больше 5 лет назад

Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.

debian логотип

CVE-2020-14929

CVSS3: 7.5
debian
больше 5 лет назад

Alpine before 2.23 silently proceeds to use an insecure connection aft ...

suse-cvrf логотип

openSUSE-SU-2021:0675-1

suse-cvrf
почти 5 лет назад

Security update for alpine

github логотип

GHSA-2h9h-wfvh-5r96

CVSS3: 7.5
github
больше 3 лет назад

Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.

EPSS

Процентиль: 59%
0.00383
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other