Vulnerability Change Records for CVE-2020-26258

Change History

Modified Analysis 12/23/2020 10:41:27 AM

Action Type Old Value New Value
Changed Reference Type
https://github.com/x-stream/xstream/security/advisories/GHSA-4cch-wxpw-8p28 Third Party Advisory
https://github.com/x-stream/xstream/security/advisories/GHSA-4cch-wxpw-8p28 Exploit, Third Party Advisory
Changed Reference Type
https://lists.apache.org/thread.html/r97993e3d78e1f5389b7b172ba9f308440830ce5f051ee62714a0aa34@%3Ccommits.struts.apache.org%3E No Types Assigned
https://lists.apache.org/thread.html/r97993e3d78e1f5389b7b172ba9f308440830ce5f051ee62714a0aa34@%3Ccommits.struts.apache.org%3E Mailing List, Third Party Advisory

Initial Analysis 12/17/2020 10:16:32 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* versions up to (excluding) 1.4.15
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Added CWE

								
							
							
						
NIST CWE-918
Changed Reference Type
https://github.com/x-stream/xstream/security/advisories/GHSA-4cch-wxpw-8p28 No Types Assigned
https://github.com/x-stream/xstream/security/advisories/GHSA-4cch-wxpw-8p28 Third Party Advisory
Changed Reference Type
https://x-stream.github.io/CVE-2020-26258.html No Types Assigned
https://x-stream.github.io/CVE-2020-26258.html Exploit, Mitigation, Third Party Advisory

Modified Analysis 3/04/2021 3:5:30 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
     *cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Changed Reference Type
https://lists.debian.org/debian-lts-announce/2020/12/msg00042.html No Types Assigned
https://lists.debian.org/debian-lts-announce/2020/12/msg00042.html Mailing List, Third Party Advisory
Changed Reference Type
https://www.debian.org/security/2021/dsa-4828 No Types Assigned
https://www.debian.org/security/2021/dsa-4828 Patch, Third Party Advisory

CVE Modified by GitHub, Inc. 4/09/2021 5:15:13 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20210409-0005/ [No Types Assigned]

CVE Modified by GitHub, Inc. 1/08/2021 7:15:12 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.debian.org/security/2021/dsa-4828 [No Types Assigned]

CVE Modified by GitHub, Inc. 12/21/2020 3:15:13 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/r97993e3d78e1f5389b7b172ba9f308440830ce5f051ee62714a0aa34@%3Ccommits.struts.apache.org%3E [No Types Assigned]

CVE Modified by GitHub, Inc. 12/31/2020 12:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.debian.org/debian-lts-announce/2020/12/msg00042.html [No Types Assigned]