curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).

CPENameOperatorVersion
debian_linuxeq10.0
curlge7.62.0
curlle7.70.0
simatic_tim_1531_irc_firmwarelt2.2
sinec_infrastructure_network_serviceslt1.0.1.1

Name	Operator	Version
debian_linux	eq	10.0
curl	ge	7.62.0
curl	le	7.70.0
simatic_tim_1531_irc_firmware	lt	2.2
sinec_infrastructure_network_services	lt	1.0.1.1

References

cert-portal.siemens.com/productcert/pdf/ssa-200951.pdf

cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

curl.se/docs/CVE-2020-8169.html

hackerone.com/reports/874778

www.debian.org/security/2021/dsa-4881

nvd 1

alpinelinux 1

hackerone 1

openvas 11

redhatcve 1

nessus 17

cbl_mariner 1

cvelist 1

veracode 1

debiancve 1

ubuntucve 1

cve 1

osv 2

cloudfoundry 1

freebsd 1

fedora 3

gentoo 1

ibm 5

ubuntu 1

mageia 1

suse 1

ics 3

slackware 1

redhat 2

debian 1

photon 1

nvd

CVE-2020-8169

2020-12-14 20:15:13

alpinelinux

CVE-2020-8169

2020-12-14 20:15:13

hackerone

curl: Partial password leak over DNS on HTTP redirect

2020-05-15 09:14:00

openvas

PHP < 7.2.32, 7.3 < 7.3.20, 7.4 < 7.4.8 libcurl Vulnerability (May 2020) - Windows

2020-07-15 00:00:00

SUSE: Security Advisory (SUSE-SU-2020:1733-1)

2021-06-09 00:00:00

Fedora: Security Advisory for mingw-curl (FEDORA-2020-ad05132742)

2020-08-08 00:00:00

redhatcve

CVE-2020-8169

2020-06-26 13:51:13

nessus

PHP 7.2.x < 7.2.32 / 7.3.x < 7.3.20 / 7.4.x < 7.4.8 Information Disclosure

2020-07-17 00:00:00

openSUSE Security Update : curl (openSUSE-2020-883)

2020-07-20 00:00:00

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : curl vulnerabilities (USN-4402-1)

2020-06-25 00:00:00

cbl_mariner

CVE-2020-8169 affecting package curl 7.68.0-5

2021-08-11 06:39:26

cvelist

CVE-2020-8169

2020-12-14 19:41:54

veracode

Information Disclosure

2020-09-16 08:07:12

debiancve

CVE-2020-8169

2020-12-14 20:15:13

ubuntucve

CVE-2020-8169

2020-06-24 00:00:00

cve

CVE-2020-8169

2020-12-14 20:15:13

osv

CVE-2020-8169

2020-12-14 20:15:13

curl - security update

2021-03-30 00:00:00

cloudfoundry

USN-4402-1: curl vulnerabilities | Cloud Foundry

2020-07-22 00:00:00

freebsd

curl -- multiple vulnerabilities

2020-06-24 00:00:00

fedora

[SECURITY] Fedora 32 Update: curl-7.69.1-4.fc32

2020-06-27 02:08:07

[SECURITY] Fedora 32 Update: mingw-curl-7.71.1-1.fc32

2020-08-05 01:20:49

[SECURITY] Fedora 31 Update: curl-7.66.0-2.fc31

2020-07-10 01:01:54

gentoo

cURL: Multiple vulnerabilities

2020-07-26 00:00:00

ibm

Security Bulletin: cURL vulnerabilities CVE-2020-8169 CVE-2020-8177 impact IBM Aspera High-Speed Transfer Server 3.9.6.2 and earlier and Aspera High-Speed Transfer Endpoint 3.9.6.2 and earlier

2020-12-11 18:03:35

Security Bulletin: IBM Cloud Private is vulnerable to cURL vulnerabilities (CVE-2020-8169, CVE-2020-8177)

2021-02-26 13:18:21

Security Bulletin: Vulnerabilities in Curl affect PowerSC (CVE-2020-8169, CVE-2020-8177)

2020-10-23 20:38:54

ubuntu

curl vulnerabilities

2020-06-24 00:00:00

mageia

Updated curl packages fix security vulnerability

2020-07-05 22:48:23

suse

Security update for curl (important)

2020-06-28 00:00:00

ics

Siemens SIMATIC TIM libcurl

2021-06-29 12:00:00

Siemens SINEC INS

2022-03-10 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

slackware

[slackware-security] curl

2020-06-24 20:40:25

redhat

(RHSA-2021:2471) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

2021-06-17 11:31:22

(RHSA-2021:2472) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP8 security update

2021-06-17 11:33:18

debian

[SECURITY] [DSA 4881-1] curl security update

2021-03-31 09:30:31

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0603

2023-06-26 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.6%

JSON

Related for PRION:CVE-2020-8169