CPANSA-Net-Dropbear-2020-36254-dropbear: Net-Dropbear vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2021-02-25T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
| Current release date | 2021-02-25T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | 8.1 | Severity | High |
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
Vulnerabilities
CVE-2020-36254
Vulnerability Descriptionscp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
Product status
Known affected
| Product | Score | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Net-Dropbear greater than or equal 0.11 and less than or equal 0.13 |
|
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Net-Dropbear-2020-36254-dropbear JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2021/cpansa-net-dropbear-2020-36254-dropbear.json - https://metacpan.org/release/ATRODO/Net-Dropbear-0.15/changes external
https://metacpan.org/release/ATRODO/Net-Dropbear-0.15/changes - https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff external
https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff - CVE-2020-36254 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2020-36254
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Thu Feb 25 00:00:00 2021 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/