CVE-2020-14301
- Source
- https://cve.org/CVERecord?id=CVE-2020-14301
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14301.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-14301
- Downstream
- Related
- Published
- 2021-05-27T20:15:07.727Z
- Modified
- 2026-04-10T04:22:33.446505Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the
dumpxmlcommand. - References
Affected packages
Git / github.com/libvirt/libvirt
Affected ranges
- Type
- GIT
- Repo
- https://github.com/libvirt/libvirt
- Events
-
IntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "6.2.0" }, { "fixed": "6.3.0" }, { "introduced": "0" }, { "last_affected": "8.0" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "8.0" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "8.0" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "8.4" }, { "introduced": "0" }, { "last_affected": "8.4" } ] }
Affected versions
Other
CVE-2020-14339
CVE-2020-25637
CVE-2021-3631
CVE-2021-3667
CVE-2022-0897
v6.*
v6.10.0
v6.10.0-rc1
v6.10.0-rc2
v6.2.0
v6.3.0
v6.3.0-rc1
v6.4.0
v6.4.0-rc1
v6.5.0
v6.5.0-rc1
v6.5.0-rc2
v6.6.0
v6.6.0-rc1
v6.7.0
v6.7.0-rc1
v6.7.0-rc2
v6.8.0
v6.8.0-rc1
v6.8.0-rc2
v6.9.0
v6.9.0-rc1
v6.9.0-rc2
v7.*
v7.0.0
v7.0.0-rc1
v7.0.0-rc2
v7.1.0
v7.1.0-rc1
v7.1.0-rc2
v7.10.0
v7.10.0-rc1
v7.10.0-rc2
v7.2.0
v7.2.0-rc1
v7.2.0-rc2
v7.3.0
v7.3.0-rc1
v7.3.0-rc2
v7.4.0
v7.4.0-rc1
v7.4.0-rc2
v7.5.0
v7.5.0-rc1
v7.5.0-rc2
v7.6.0
v7.6.0-rc1
v7.6.0-rc2
v7.7.0
v7.7.0-rc1
v7.7.0-rc2
v7.8.0
v7.8.0-rc1
v7.8.0-rc2
v7.9.0
v7.9.0-rc1
v7.9.0-rc2
v8.*
v8.0.0
v8.0.0-rc1
v8.0.0-rc2
v8.1.0
v8.1.0-rc1
v8.1.0-rc2
v8.2.0
v8.2.0-rc1
v8.2.0-rc2
v8.3.0
v8.3.0-rc1
v8.3.0-rc2
v8.4.0
v8.4.0-rc1
v8.4.0-rc2