ID

VAR-202104-1841


CVE

CVE-2020-10001


TITLE

macOS  Input verification vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-017322

DESCRIPTION

An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to read restricted memory. macOS There is an input validation vulnerability in.Information may be obtained. SUSE Linux Enterprise Desktop is an enterprise server version of Linux desktop operating system of German SUSE company. There is a security vulnerability in SUSE Linux Enterprise Desktop. Attackers can use this vulnerability to forcibly read invalid addresses through the Extension field of CUPS to trigger denial of service or obtain sensitive information. A security issue was found in cups before version 2.3.3op2. A missing length check in the ippReadIO function could lead to a buffer over-read. Bugs fixed (https://bugzilla.redhat.com/): 2030932 - CVE-2021-44228 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: cups security and bug fix update Advisory ID: RHSA-2021:4393-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4393 Issue date: 2021-11-09 CVE Names: CVE-2020-10001 ==================================================================== 1. Summary: An update for cups is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: The Common UNIX Printing System (CUPS) provides a portable printing layer for Linux, UNIX, and similar operating systems. Security Fix(es): * cups: access to uninitialized buffer in ipp.c (CVE-2020-10001) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the cupsd service will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1782216 - Print queue is paused after ipp backend ends with CUPS_BACKEND_STOP 1921680 - CVE-2020-10001 cups: access to uninitialized buffer in ipp.c 1938384 - CUPS doesn't start if sssd starts after cupsd 1941437 - cupsd doesn't log job ids when logging into journal 1955964 - PreserveJobHistory doesn't work with seconds 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: cups-2.2.6-40.el8.aarch64.rpm cups-client-2.2.6-40.el8.aarch64.rpm cups-client-debuginfo-2.2.6-40.el8.aarch64.rpm cups-debuginfo-2.2.6-40.el8.aarch64.rpm cups-debugsource-2.2.6-40.el8.aarch64.rpm cups-devel-2.2.6-40.el8.aarch64.rpm cups-ipptool-2.2.6-40.el8.aarch64.rpm cups-ipptool-debuginfo-2.2.6-40.el8.aarch64.rpm cups-libs-debuginfo-2.2.6-40.el8.aarch64.rpm cups-lpd-2.2.6-40.el8.aarch64.rpm cups-lpd-debuginfo-2.2.6-40.el8.aarch64.rpm noarch: cups-filesystem-2.2.6-40.el8.noarch.rpm ppc64le: cups-2.2.6-40.el8.ppc64le.rpm cups-client-2.2.6-40.el8.ppc64le.rpm cups-client-debuginfo-2.2.6-40.el8.ppc64le.rpm cups-debuginfo-2.2.6-40.el8.ppc64le.rpm cups-debugsource-2.2.6-40.el8.ppc64le.rpm cups-devel-2.2.6-40.el8.ppc64le.rpm cups-ipptool-2.2.6-40.el8.ppc64le.rpm cups-ipptool-debuginfo-2.2.6-40.el8.ppc64le.rpm cups-libs-debuginfo-2.2.6-40.el8.ppc64le.rpm cups-lpd-2.2.6-40.el8.ppc64le.rpm cups-lpd-debuginfo-2.2.6-40.el8.ppc64le.rpm s390x: cups-2.2.6-40.el8.s390x.rpm cups-client-2.2.6-40.el8.s390x.rpm cups-client-debuginfo-2.2.6-40.el8.s390x.rpm cups-debuginfo-2.2.6-40.el8.s390x.rpm cups-debugsource-2.2.6-40.el8.s390x.rpm cups-devel-2.2.6-40.el8.s390x.rpm cups-ipptool-2.2.6-40.el8.s390x.rpm cups-ipptool-debuginfo-2.2.6-40.el8.s390x.rpm cups-libs-debuginfo-2.2.6-40.el8.s390x.rpm cups-lpd-2.2.6-40.el8.s390x.rpm cups-lpd-debuginfo-2.2.6-40.el8.s390x.rpm x86_64: cups-2.2.6-40.el8.x86_64.rpm cups-client-2.2.6-40.el8.x86_64.rpm cups-client-debuginfo-2.2.6-40.el8.i686.rpm cups-client-debuginfo-2.2.6-40.el8.x86_64.rpm cups-debuginfo-2.2.6-40.el8.i686.rpm cups-debuginfo-2.2.6-40.el8.x86_64.rpm cups-debugsource-2.2.6-40.el8.i686.rpm cups-debugsource-2.2.6-40.el8.x86_64.rpm cups-devel-2.2.6-40.el8.i686.rpm cups-devel-2.2.6-40.el8.x86_64.rpm cups-ipptool-2.2.6-40.el8.x86_64.rpm cups-ipptool-debuginfo-2.2.6-40.el8.i686.rpm cups-ipptool-debuginfo-2.2.6-40.el8.x86_64.rpm cups-libs-debuginfo-2.2.6-40.el8.i686.rpm cups-libs-debuginfo-2.2.6-40.el8.x86_64.rpm cups-lpd-2.2.6-40.el8.x86_64.rpm cups-lpd-debuginfo-2.2.6-40.el8.i686.rpm cups-lpd-debuginfo-2.2.6-40.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: cups-2.2.6-40.el8.src.rpm aarch64: cups-client-debuginfo-2.2.6-40.el8.aarch64.rpm cups-debuginfo-2.2.6-40.el8.aarch64.rpm cups-debugsource-2.2.6-40.el8.aarch64.rpm cups-ipptool-debuginfo-2.2.6-40.el8.aarch64.rpm cups-libs-2.2.6-40.el8.aarch64.rpm cups-libs-debuginfo-2.2.6-40.el8.aarch64.rpm cups-lpd-debuginfo-2.2.6-40.el8.aarch64.rpm ppc64le: cups-client-debuginfo-2.2.6-40.el8.ppc64le.rpm cups-debuginfo-2.2.6-40.el8.ppc64le.rpm cups-debugsource-2.2.6-40.el8.ppc64le.rpm cups-ipptool-debuginfo-2.2.6-40.el8.ppc64le.rpm cups-libs-2.2.6-40.el8.ppc64le.rpm cups-libs-debuginfo-2.2.6-40.el8.ppc64le.rpm cups-lpd-debuginfo-2.2.6-40.el8.ppc64le.rpm s390x: cups-client-debuginfo-2.2.6-40.el8.s390x.rpm cups-debuginfo-2.2.6-40.el8.s390x.rpm cups-debugsource-2.2.6-40.el8.s390x.rpm cups-ipptool-debuginfo-2.2.6-40.el8.s390x.rpm cups-libs-2.2.6-40.el8.s390x.rpm cups-libs-debuginfo-2.2.6-40.el8.s390x.rpm cups-lpd-debuginfo-2.2.6-40.el8.s390x.rpm x86_64: cups-client-debuginfo-2.2.6-40.el8.i686.rpm cups-client-debuginfo-2.2.6-40.el8.x86_64.rpm cups-debuginfo-2.2.6-40.el8.i686.rpm cups-debuginfo-2.2.6-40.el8.x86_64.rpm cups-debugsource-2.2.6-40.el8.i686.rpm cups-debugsource-2.2.6-40.el8.x86_64.rpm cups-ipptool-debuginfo-2.2.6-40.el8.i686.rpm cups-ipptool-debuginfo-2.2.6-40.el8.x86_64.rpm cups-libs-2.2.6-40.el8.i686.rpm cups-libs-2.2.6-40.el8.x86_64.rpm cups-libs-debuginfo-2.2.6-40.el8.i686.rpm cups-libs-debuginfo-2.2.6-40.el8.x86_64.rpm cups-lpd-debuginfo-2.2.6-40.el8.i686.rpm cups-lpd-debuginfo-2.2.6-40.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10001 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/ 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYrdptzjgjWX9erEAQifnA//fTvcvlIMMRvl8mpYAZuZ9Tv8ZLKYT62j LfH/kVsjq5mJDCPUErwq7XgWN0RfhXaV7dPvB/FbCR1Vh4xtrQEev9JsOkP4g/3z WeuNvlfEtgNcSTSeVJEgIDPi1Dqr4PfNfcy81PWzU0T9K2i17BAIlqVcE7N8Zq71 azP5IT5M7xZU21PbqnDy5ULgb5CVtexslxemufa7kkeRDTl8FjeSq7nWXV4DWAjP 2W9/wzHfGgXtMn4wp/64knWPFROocKiwhj69YTGgPecvdvWHnIkZ9cwWSpAT0LIj SIxRTZoGyusouZZV8gchVS9qtsl4VP1B15QF2C1FK8kiJfEaxeJVH9Kf89QLsX8s ZtVMW4WlqWyBI0kmCL4Yz/bxkBnQuhzgbb+tO4347gpaXpW6zwTu8qp2iYBYHFyX EQFaxYTXaV9kxHgkDNqnw5m5Fi+Q/hz7sZcX8485BbDeqbqqVdi2QdvCsCtPcIgj GTp0dTOwoJc/3o35e6cv4uNdQcqxfgfTBhhkqWOS4jzDRNQL5MOrTKql3D/NJSA3 jb/RahyZkSGxYKTwae4qZKEixeL4hNyU+hYZHUYKb4VxAsn9Y9iOGO43u+LLw4Rp 1e/HKPV+cv741Ph4POP8cgrCe2FZNO4sRU4Ac6bL2uPPDZBhYyQYaHEsB9dFSEzc SCmYx2xwC+4=1Pv7 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary: The Migration Toolkit for Containers (MTC) 1.6.3 is now available. Description: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Solution: For details on how to install and use MTC, refer to: https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html 4. Bugs fixed (https://bugzilla.redhat.com/): 2019088 - "MigrationController" CR displays syntax error when unquiescing applications 2021666 - Route name longer than 63 characters causes direct volume migration to fail 2021668 - "MigrationController" CR ignores the "cluster_subdomain" value for direct volume migration routes 2022017 - CVE-2021-3948 mig-controller: incorrect namespaces handling may lead to not authorized usage of Migration Toolkit for Containers (MTC) 2024966 - Manifests not used by Operator Lifecycle Manager must be removed from the MTC 1.6 Operator image 2027196 - "migration-controller" pod goes into "CrashLoopBackoff" state if an invalid registry route is entered on the "Clusters" page of the web console 2027382 - "Copy oc describe/oc logs" window does not close automatically after timeout 2028841 - "rsync-client" container fails during direct volume migration with "Address family not supported by protocol" error 2031793 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "includedResources" resource 2039852 - "migration-controller" pod goes into "CrashLoopBackOff" state if "MigPlan" CR contains an invalid "destMigClusterRef" or "srcMigClusterRef" 5. Solution: For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update: https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html For Red Hat OpenShift Logging 5.3, see the following instructions to apply this update: https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment 5. JIRA issues fixed (https://issues.jboss.org/): LOG-1168 - Disable hostname verification in syslog TLS settings LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd LOG-1375 - ssl_ca_cert should be optional LOG-1378 - CLO should support sasl_plaintext(Password over http) LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate LOG-1494 - Syslog output is serializing json incorrectly LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing LOG-1735 - Regression introducing flush_at_shutdown LOG-1774 - The collector logs should be excluded in fluent.conf LOG-1776 - fluentd total_limit_size sets value beyond available space LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL LOG-1903 - Fix the Display of ClusterLogging type in OLM LOG-1911 - CLF API changes to Opt-in to multiline error detection LOG-1918 - Alert `FluentdNodeDown` always firing LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding 6

Trust: 2.16

sources: NVD: CVE-2020-10001 // JVNDB: JVNDB-2020-017322 // VULHUB: VHN-162436 // VULMON: CVE-2020-10001 // PACKETSTORM: 165296 // PACKETSTORM: 164849 // PACKETSTORM: 165631 // PACKETSTORM: 164967

AFFECTED PRODUCTS

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:11.1.0

Trust: 1.0

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-017322 // NVD: CVE-2020-10001

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-10001
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-10001
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202102-206
value: MEDIUM

Trust: 0.6

VULHUB: VHN-162436
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-10001
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-162436
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-10001
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2020-10001
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-162436 // JVNDB: JVNDB-2020-017322 // CNNVD: CNNVD-202102-206 // NVD: CVE-2020-10001

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.1

problemtype:Inappropriate input confirmation (CWE-20) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-162436 // JVNDB: JVNDB-2020-017322 // NVD: CVE-2020-10001

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-206

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202102-206

PATCH

title:HT212011url:https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html

Trust: 0.8

title:SUSE Linux Enterprise Desktop Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=140705

Trust: 0.6

title:Arch Linux Advisories: [ASA-202102-13] cups: information disclosureurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-202102-13

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2020-10001 log

Trust: 0.1

sources: VULMON: CVE-2020-10001 // JVNDB: JVNDB-2020-017322 // CNNVD: CNNVD-202102-206

EXTERNAL IDS

db:NVDid:CVE-2020-10001

Trust: 3.8

db:PACKETSTORMid:165296

Trust: 0.8

db:PACKETSTORMid:164849

Trust: 0.8

db:PACKETSTORMid:165631

Trust: 0.8

db:PACKETSTORMid:164967

Trust: 0.8

db:JVNid:JVNVU95288122

Trust: 0.8

db:JVNDBid:JVNDB-2020-017322

Trust: 0.8

db:CNNVDid:CNNVD-202102-206

Trust: 0.7

db:AUSCERTid:ESB-2021.3767

Trust: 0.6

db:AUSCERTid:ESB-2022.2675

Trust: 0.6

db:AUSCERTid:ESB-2021.0393

Trust: 0.6

db:AUSCERTid:ESB-2021.4254

Trust: 0.6

db:AUSCERTid:ESB-2021.3905

Trust: 0.6

db:AUSCERTid:ESB-2022.0245

Trust: 0.6

db:AUSCERTid:ESB-2021.3624

Trust: 0.6

db:CS-HELPid:SB2022060108

Trust: 0.6

db:CS-HELPid:SB2022053129

Trust: 0.6

db:VULHUBid:VHN-162436

Trust: 0.1

db:VULMONid:CVE-2020-10001

Trust: 0.1

sources: VULHUB: VHN-162436 // VULMON: CVE-2020-10001 // JVNDB: JVNDB-2020-017322 // PACKETSTORM: 165296 // PACKETSTORM: 164849 // PACKETSTORM: 165631 // PACKETSTORM: 164967 // CNNVD: CNNVD-202102-206 // NVD: CVE-2020-10001

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-10001

Trust: 1.8

url:https://support.apple.com/en-us/ht212011

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/10/msg00027.html

Trust: 1.7

url:http://jvn.jp/vu/jvnvu95288122/index.html

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.0245

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3624

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3767

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3905

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022060108

Trust: 0.6

url:https://packetstormsecurity.com/files/165296/red-hat-security-advisory-2021-5137-03.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0393

Trust: 0.6

url:https://packetstormsecurity.com/files/165631/red-hat-security-advisory-2022-0202-04.html

Trust: 0.6

url:https://packetstormsecurity.com/files/164849/red-hat-security-advisory-2021-4393-03.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4254

Trust: 0.6

url:https://vigilance.fr/vulnerability/cups-out-of-bounds-memory-reading-via-extension-field-34465

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2675

Trust: 0.6

url:https://packetstormsecurity.com/files/164967/red-hat-security-advisory-2021-4627-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022053129

Trust: 0.6

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-10001

Trust: 0.4

url:https://bugzilla.redhat.com/):

Trust: 0.4

url:https://access.redhat.com/security/team/contact/

Trust: 0.4

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-16135

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3200

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-25013

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-25012

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-35522

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-5827

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-35524

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-25013

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-25009

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-27645

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-33574

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-13435

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-5827

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24370

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14145

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-13751

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-25014

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-19603

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-14145

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-25012

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-35521

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-35942

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-17594

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3572

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-12762

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-36086

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3778

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-13750

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-13751

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-22898

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-12762

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-16135

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-36084

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-17541

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3800

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-17594

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-36087

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-36331

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-31535

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3445

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-13435

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-19603

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-22925

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-36330

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-18218

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20232

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20266

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-20838

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-22876

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-20231

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-36332

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-14155

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-25010

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-20838

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-25014

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-36085

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-33560

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-17595

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3481

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-42574

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-14155

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-25009

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2018-25010

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-35523

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-28153

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-13750

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3426

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-18218

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3580

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-3796

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-17595

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-24504

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-27777

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20239

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36158

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-35448

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3635

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20284

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36386

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-20673

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-0427

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24586

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3348

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26140

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3487

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26146

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-31440

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3732

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-0129

Trust: 0.2

url:https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-43527

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24502

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3564

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-0427

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-23133

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26144

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3679

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-36312

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-24370

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-29368

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24588

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-29646

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-29155

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3489

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-29660

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3712

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26139

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-28971

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-23841

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14615

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26143

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3600

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26145

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2018-20673

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-23840

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-33200

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-29650

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-33033

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20194

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26147

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-31916

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-17541

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-24503

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14615

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-24502

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-31829

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3573

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-20197

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-26141

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-28950

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24587

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-24503

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2021-3659

Trust: 0.2

url:https://security.archlinux.org/asa-202102-13

Trust: 0.1

url:https://security.archlinux.org/cve-2020-10001

Trust: 0.1

url:https://access.redhat.com/security/vulnerabilities/rhsb-2021-009

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-44228

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:5137

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4393

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-37750

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27823

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3733

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1870

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3575

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30758

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-13558

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-15389

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33938

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-5727

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33929

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-5785

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-41617

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30665

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-12973

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30689

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20847

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30682

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33928

Trust: 0.1

url:https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22946

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-18032

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1801

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33930

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1765

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2016-4658

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20845

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-26927

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20847

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27918

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30749

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30795

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-5785

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1788

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-5727

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30744

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21775

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21806

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27814

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-36241

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30797

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-4658

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-13558

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20321

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27842

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1799

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-21779

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-29623

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20271

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3948

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-22947

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27828

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12973

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20845

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1844

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1871

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-29338

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30734

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-26926

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30720

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-28650

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27843

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-24870

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27845

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-1789

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30663

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-30799

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3272

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2022:0202

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-15389

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-27824

Trust: 0.1

url:https://issues.jboss.org/):

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-33194

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:4627

Trust: 0.1

sources: VULHUB: VHN-162436 // VULMON: CVE-2020-10001 // JVNDB: JVNDB-2020-017322 // PACKETSTORM: 165296 // PACKETSTORM: 164849 // PACKETSTORM: 165631 // PACKETSTORM: 164967 // CNNVD: CNNVD-202102-206 // NVD: CVE-2020-10001

CREDITS

Red Hat

Trust: 0.4

sources: PACKETSTORM: 165296 // PACKETSTORM: 164849 // PACKETSTORM: 165631 // PACKETSTORM: 164967

SOURCES

db:VULHUBid:VHN-162436
db:VULMONid:CVE-2020-10001
db:JVNDBid:JVNDB-2020-017322
db:PACKETSTORMid:165296
db:PACKETSTORMid:164849
db:PACKETSTORMid:165631
db:PACKETSTORMid:164967
db:CNNVDid:CNNVD-202102-206
db:NVDid:CVE-2020-10001

LAST UPDATE DATE

2024-08-14T13:03:58.946000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-162436date:2021-11-30T00:00:00
db:VULMONid:CVE-2020-10001date:2021-04-07T00:00:00
db:JVNDBid:JVNDB-2020-017322date:2022-09-07T08:02:00
db:CNNVDid:CNNVD-202102-206date:2022-06-02T00:00:00
db:NVDid:CVE-2020-10001date:2021-11-30T21:49:17.823

SOURCES RELEASE DATE

db:VULHUBid:VHN-162436date:2021-04-02T00:00:00
db:VULMONid:CVE-2020-10001date:2021-04-02T00:00:00
db:JVNDBid:JVNDB-2020-017322date:2022-09-07T00:00:00
db:PACKETSTORMid:165296date:2021-12-15T15:27:05
db:PACKETSTORMid:164849date:2021-11-10T17:06:37
db:PACKETSTORMid:165631date:2022-01-20T17:48:29
db:PACKETSTORMid:164967date:2021-11-15T17:25:56
db:CNNVDid:CNNVD-202102-206date:2021-02-02T00:00:00
db:NVDid:CVE-2020-10001date:2021-04-02T18:15:14.357