CVE-2020-2800

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-2800
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-2800.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-2800
Related
Published
2020-04-15T14:15:28Z
Modified
2024-09-03T08:06:11.377161Z
Severity
  • 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).

References

Affected packages

Git / github.com/openjdk/jdk

Affected ranges

Type
GIT
Repo
https://github.com/openjdk/jdk
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0620440d1f92448c18cedb790913579beaff19d8
Last affected
0bd0f10d2c5965369490624627f16a39d35c8734
Last affected
0d3829a2c5a70961ffc539865adc1442c1a30bb1
Last affected
13ad3ed8b99f8c872eebb5d0bb647d5bb44ea0b5
Last affected
1408dbfdbe550dcdea4cb9a849fab6cb371ded18
Last affected
1c11f83e9262d3bf07b9d095a7b1d3659f1f2a9e
Last affected
22e500e3a917594cd93baaf8b5c7d29360d250d1
Last affected
27cab0e0c87f124277c7afeb5dd6a8750443804e
Last affected
34063e3656db6d0cadb9168f37024e6e66fc2372
Last affected
38378b7ee032d70653b3f0d4205f2305cf4f1170
Last affected
38930ae468910fb1d763f18c1d9473beffa7f3cb
Last affected
423befc9a0123b2cf13041f8acbb2a0000ddccdc
Last affected
493ac9ee8f9c4fb66b687bd740b8e1fb5ee8b86a
Last affected
6412341d454eee8a151cf89b51cabfb7b3d87140
Last affected
69efabad3d8a2ff47a62a4626c574a56edec1cfd
Last affected
6c04fd835e86522d2136ee663e19cfd5f71b9aa8
Last affected
7517b9d19367e1f057e5450d7871135b5f878d02
Last affected
7588f37667fd2a8c00d9a1a6e1afc605b75e0dc2
Last affected
75c48b0d1b36d9361a412ee2db2f51b7d9b6ef1c
Last affected
7ba83041b1d65545833655293d0976dfd1ffdea8
Last affected
7c18f827d7f096cbeb96b086a8516754f0c70221
Last affected
7ff3916e57ab852014885c3e7bdb95e5c1ed8c1e
Last affected
81ecd2932e0caee8ed01955fccc9e958c6a5cda3
Last affected
8261ee6da3c5843806c20808cc4206c73bb0efac
Last affected
82d185e64838992b019c90133d508d479d5ced0a
Last affected
880e09412543af479bc335faeda6196489a2a045
Last affected
88b37fb2a8aecf2b0afa75904d212da11919aa98
Last affected
925752098ba63b25c1cb635f50a53684d4094f8b
Last affected
ae39310243b0486f5a6f1049c6ec5f29db31170c
Last affected
b4b746fb274cb65f8cbf4a884bb20749a8f35d2b
Last affected
ba79b2bcce1ceefdeb44bb7075bc5d2647a56834
Last affected
bd04d75035a888d5034c5f7e2e0508d1d28d14af
Last affected
c1ff9b2e3b5e31e5874ca7d7a38ea4fbd9bbdd5d
Last affected
cfa6e0878b1aff48b521ee21d2598abe7f4964c2
Last affected
d08e6435e4026542e4d4bffdf12748e83ef0f9fb
Last affected
d38a1f186d640dede9fccb727ec98db3a413f9d8
Last affected
d49120d46668eaaab9df465a9ee17b696cb4e37f
Last affected
e21ea57f72b20424ac38930bcf56513cd42642e5
Last affected
e514f9072fc6ea3d2ad4e9a81251bf1fc1ed1eb6
Last affected
e7187d14db3748428c4a312203549f7ee31d4471
Last affected
e7d87b234c444e39369e8575284f785c56113324
Last affected
e9a2e84e45e1120aa306a01dfb087200f6a7f903
Last affected
ed6697aa20e3f9c17a496a544b10bfe3543de38f

Affected versions

Other

jdk7-b24
jdk7-b25
jdk7-b26
jdk7-b27
jdk7-b28
jdk7-b29
jdk7-b30
jdk7-b31
jdk7-b32
jdk7-b33
jdk7-b34
jdk7-b35
jdk7-b36
jdk7-b37
jdk7-b38
jdk7-b39
jdk7-b40
jdk7-b41
jdk7-b42
jdk7-b43
jdk7-b44
jdk7-b45