VDB
CVE-2020-16135
CVE-2020-16135
PUBLISHED
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.
EPSS 1.41% · 80.8th percentile
Risk Scores
EPSS Score
1.41%
80.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | libssh | 0.6.3-3ubuntu3, 0.6.3-4.3, 0.6.3-4.3ubuntu0.1 |
| Ubuntu:18.04:LTS | libssh | 0, 0.8.0~20170825.94fa1e38-1, 0.8.0~20170825.94fa1e38-1build1 |
| Ubuntu:20.04:LTS | libssh | 0, 0.9.0-1ubuntu1, 0.9.0-1ubuntu4 |
Timeline
- Jul 29, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
- Jan 7, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-16135 third-party-advisory
- https://bugs.libssh.org/rLIBSSHe631ebb3e2247dd25e9678e6827c20dc73b73238 third-party-advisory
- https://bugs.libssh.org/T232 third-party-advisory
- https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120 third-party-advisory
- https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=1493b4466fa394b321d196ad63dd6a4fa395d337 third-party-advisory
- https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=dbfb7f44aa905a7103bdde9a198c1e9b0f480c2e third-party-advisory
- https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=65ae496222018221080dd753a52f6d70bf3ca5f3 third-party-advisory
- https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=df0acab3a077bd8ae015e3e8b4c71ff31b5900fe third-party-advisory
- https://ubuntu.com/security/notices/USN-4447-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-16135 third-party-advisory