CVE-2020-8286

Опубликовано: 14 дек. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

Релиз	Статус	Примечание
bionic	released	7.58.0-2ubuntu3.12
devel	released	7.74.0-1ubuntu1
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	released	7.58.0-2ubuntu3.12
esm-infra/focal	released	7.68.0-1ubuntu2.4
esm-infra/xenial	released	7.47.0-1ubuntu2.18
focal	released	7.68.0-1ubuntu2.4
groovy	released	7.68.0-1ubuntu4.2
precise/esm	not-affected	code not present
trusty	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 51%

0.00283

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-8286

CVSS3: 7.4

redhat

около 5 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

CVE-2020-8286

CVSS3: 7.5

nvd

около 5 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

CVE-2020-8286

CVSS3: 7.5

msrc

около 5 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

CVE-2020-8286

CVSS3: 7.5

debian

около 5 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for cert ...

GHSA-xh5x-q49r-r9w4

CVSS3: 7.5

github

больше 3 лет назад

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

EPSS

Процентиль: 51%

0.00283

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2020-8286

Описание

Пакет curl

Ссылки на источники

Связанные уязвимости