ID CVE-2020-8231
Summary Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.
References
Vulnerable Configurations
  • cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.29.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.30.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.31.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.32.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.33.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.34.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.35.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.36.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.37.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.37.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.38.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.39:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.39.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.39.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.40.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.41.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.42:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.42.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.42.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.43.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.44.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.45.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.46.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.47.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.47.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.48.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.49.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.49.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.50.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.50.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.50.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.50.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.51.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.52.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.52.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.53.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.53.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.54.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.54.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.55.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.55.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.56.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.56.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.56.0:*:*:*:*:*:x86:*
    cpe:2.3:a:haxx:libcurl:7.56.0:*:*:*:*:*:x86:*
  • cpe:2.3:a:haxx:libcurl:7.56.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.56.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.56.1:*:*:*:*:*:x86:*
    cpe:2.3:a:haxx:libcurl:7.56.1:*:*:*:*:*:x86:*
  • cpe:2.3:a:haxx:libcurl:7.57.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.57.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.58.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.58.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.59.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.59.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.60.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.60.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.61.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.61.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.61.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.61.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.62.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.62.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.63.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.63.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.64.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.64.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.64.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.64.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.65.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.65.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.65.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.65.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.65.2:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.65.2:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.65.3:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.65.3:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.66.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.66.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.67.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.67.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.68.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.68.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.69.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.69.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.69.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.69.1:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.70.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.70.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.71.0:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.71.0:*:*:*:*:*:*:*
  • cpe:2.3:a:haxx:libcurl:7.71.1:*:*:*:*:*:*:*
    cpe:2.3:a:haxx:libcurl:7.71.1:*:*:*:*:*:*:*
  • cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
    cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 13-05-2022 - 20:57)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
gentoo GLSA-202012-14
misc
Last major update 13-05-2022 - 20:57
Published 14-12-2020 - 20:15
Last modified 13-05-2022 - 20:57
Back to Top