CVE Vulnerabilities

CVE-2020-8231

This vulnerability is marked as RESERVED by NVD. This means that the CVE-ID is reserved for future use by the CVE Numbering Authority (CNA) or a security researcher, but the details of it are not yet publicly available yet.

This page will reflect the classification results once they are available through NVD.

Any vendor information available is shown as below.

Redhat

CVE-2020-8231 curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set

Affected Software List

NameVendorVersion
Red Hat Enterprise Linux 8RedHatcurl-0:7.61.1-18.el8

Ubuntu

Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.

Affected Software List

NameVendorVersion
CurlUbuntu/trustyout of standard support
CurlUbuntu/bionic7.58.0-2ubuntu3.10
CurlUbuntu/focal7.68.0-1ubuntu2.2
CurlUbuntu/groovy7.68.0-1ubuntu4.2
CurlUbuntu/xenial7.47.0-1ubuntu2.16
CurlUbuntu/esm-infra/xenial7.47.0-1ubuntu2.16
CurlUbuntu/precise/esmend of ESM support, was needed
CurlUbuntu/trusty/esm7.35.0-1ubuntu2.20+esm5