CVE-2020-7450
N/A
N/A
Summary
In FreeBSD 12.1-STABLE before r357213, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before 12.0-RELEASE-p13, 11.3-STABLE before r357214, and 11.3-RELEASE before 11.3-RELEASE-p6, URL handling in libfetch with URLs containing username and/or password components is vulnerable to a heap buffer overflow allowing program misbehavior or malicious code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | FreeBSD | 12.1-STABLE before r357213 | affected |
| n/a | FreeBSD | 12.1-RELEASE before 12.1-RELEASE-p2 | affected |
| n/a | FreeBSD | 12.0-RELEASE before 12.0-RELEASE-p13 | affected |
| n/a | FreeBSD | 11.3-STABLE before r357214 | affected |
| n/a | FreeBSD | 11.3-RELEASE before 11.3-RELEASE-p6 | affected |
Weaknesses
- Heap-based buffer overflow
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.