CVE-2020-8230

Опубликовано: 17 авг. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory.

Ссылки

https://hackerone.com/reports/380102
Issue Tracking
Patch
Third Party Advisory
https://nextcloud.com/security/advisory/?id=NC-SA-2020-035
Broken Link
Vendor Advisory
https://hackerone.com/reports/380102
Issue Tracking
Patch
Third Party Advisory
https://nextcloud.com/security/advisory/?id=NC-SA-2020-035
Broken Link
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nextcloud:desktop:*:*:*:*:*:*:*:*

Версия до 2.6.5 (исключая)

EPSS

Процентиль: 22%

0.00072

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-119

CWE-787

Связанные уязвимости

CVE-2020-8230

CVSS3: 5.5

ubuntu

больше 5 лет назад

A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory.

CVE-2020-8230

CVSS3: 5.5

debian

больше 5 лет назад

A memory corruption vulnerability exists in NextCloud Desktop Client v ...

GHSA-7m96-3q52-cjxh

CVSS3: 5.5

github

больше 3 лет назад

A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory.

EPSS

Процентиль: 22%

0.00072

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-119

CWE-787