CVE-2020-26213

Опубликовано: 06 нояб. 2020

Источник: nvd

CVSS3: 5.9

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

In teler before version 0.0.1, if you run teler inside a Docker container and encounter errors.Exit function, it will cause denial-of-service (SIGSEGV) because it doesn't get process ID and process group ID of teler properly to kills. The issue is patched in teler 0.0.1 and 0.0.1-dev5.1.

Ссылки

https://github.com/kitabisa/teler/commit/ec6082049dba9e44a21f35fb7b123d42ce1a1a7e
Patch
Third Party Advisory
https://github.com/kitabisa/teler/security/advisories/GHSA-jhj6-5mh6-4pvf
Third Party Advisory
https://github.com/kitabisa/teler/commit/ec6082049dba9e44a21f35fb7b123d42ce1a1a7e
Patch
Third Party Advisory
https://github.com/kitabisa/teler/security/advisories/GHSA-jhj6-5mh6-4pvf
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:teler_project:teler:*:*:*:*:*:*:*:*

Версия до 0.0.1 (исключая)

EPSS

Процентиль: 60%

0.0039

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

GHSA-jhj6-5mh6-4pvf

CVSS3: 5.9

github

больше 4 лет назад

Denial-of-Service within Docker container

EPSS

Процентиль: 60%

0.0039

Низкий

5.9 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476