CVE-2020-28241
Description
libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.209
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| C library for the MaxMind DB file format (USN-4631-1) libmaxminddb0_1.4.2-0ubuntu1.20.04.1_i386.deb | Linux |
| C library for the MaxMind DB file format (USN-4631-1) libmaxminddb0_1.4.2-0ubuntu1.20.04.1_amd64.deb | Linux |
| C library for the MaxMind DB file format (USN-4631-1) libmaxminddb0_1.4.2-0ubuntu1.20.10.1_i386.deb | Linux |
| C library for the MaxMind DB file format (USN-4631-1) libmaxminddb0_1.4.2-0ubuntu1.20.10.1_amd64.deb | Linux |
| Libmaxminddb update (ELSA-2024-0768) libmaxminddb-1.2.0-10.el8_9.1.i686.rpm | Linux |
| Libmaxminddb update (ELSA-2024-0768) libmaxminddb-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| Libmaxminddb-devel update (ELSA-2024-0768) libmaxminddb-devel-1.2.0-10.el8_9.1.i686.rpm | Linux |
| Libmaxminddb-devel update (ELSA-2024-0768) libmaxminddb-devel-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| (RHSA-2024:0768)Moderate: security update libmaxminddb-1.2.0-10.el8_9.1.i686.rpm | Linux |
| (RHSA-2024:0768)Moderate: security update libmaxminddb-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| (RHSA-2024:0768)Moderate: security update libmaxminddb-debuginfo-1.2.0-10.el8_9.1.i686.rpm | Linux |
| (RHSA-2024:0768)Moderate: security update libmaxminddb-debuginfo-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| (RHSA-2024:0768)Moderate: security update libmaxminddb-debugsource-1.2.0-10.el8_9.1.i686.rpm | Linux |
| (RHSA-2024:0768)Moderate: security update libmaxminddb-debugsource-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| (RHSA-2024:0768)Moderate: security update libmaxminddb-devel-1.2.0-10.el8_9.1.i686.rpm | Linux |
| (RHSA-2024:0768)Moderate: security update libmaxminddb-devel-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| libmaxminddb security update (RLSA-2024:0768) libmaxminddb-1.2.0-10.el8_9.1.i686.rpm | Linux |
| libmaxminddb security update (RLSA-2024:0768) libmaxminddb-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| libmaxminddb security update (RLSA-2024:0768) libmaxminddb-devel-1.2.0-10.el8_9.1.i686.rpm | Linux |
| libmaxminddb security update (RLSA-2024:0768) libmaxminddb-devel-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| Moderate: libmaxminddb security update libmaxminddb-1.2.0-10.el8_9.1.i686.rpm | Linux |
| Moderate: libmaxminddb security update libmaxminddb-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| Moderate: libmaxminddb security update libmaxminddb-devel-1.2.0-10.el8_9.1.i686.rpm | Linux |
| Moderate: libmaxminddb security update libmaxminddb-devel-1.2.0-10.el8_9.1.x86_64.rpm | Linux |
| Out-of-bounds Read Vulnerability (CVE-2020-28241) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234