Vulnerability Change Records for CVE-2020-8286

Change History

CVE Modified by HackerOne 4/26/2021 5:15:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://support.apple.com/kb/HT212325 [No Types Assigned]
Added Reference

								
							
							
						
https://support.apple.com/kb/HT212326 [No Types Assigned]
Added Reference

								
							
							
						
https://support.apple.com/kb/HT212327 [No Types Assigned]

CVE Modified by HackerOne 3/31/2021 8:15:15 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.debian.org/security/2021/dsa-4881 [No Types Assigned]

Modified Analysis 5/03/2021 4:33:55 PM

Action Type Old Value New Value
Changed Reference Type
http://seclists.org/fulldisclosure/2021/Apr/51 No Types Assigned
http://seclists.org/fulldisclosure/2021/Apr/51 Mailing List, Third Party Advisory

CVE Modified by HackerOne 1/26/2021 1:16:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.netapp.com/advisory/ntap-20210122-0007/ [No Types Assigned]

CVE Modified by HackerOne 12/20/2020 11:15:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ [No Types Assigned]

CVE Modified by HackerOne 12/14/2020 10:15:11 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ [No Types Assigned]

CVE Modified by HackerOne 4/27/2021 4:15:08 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://seclists.org/fulldisclosure/2021/Apr/51 [No Types Assigned]

Modified Analysis 12/22/2020 10:6:06 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
     *cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Changed CPE Configuration
OR
     *cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* versions from (including) 7.41.0 up to (including) 7.73.0
OR
     *cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:* versions from (including) 7.41.0 up to (including) 7.73.0
Changed Reference Type
https://hackerone.com/reports/1048457 Exploit, Third Party Advisory
https://hackerone.com/reports/1048457 Exploit, Patch, Third Party Advisory
Changed Reference Type
https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html No Types Assigned
https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html Mailing List, Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAEHE2S2QLO4AO4MEEYL75NB7SAH5PSL/ Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZUVSQHN2ESHMJXNQ2Z7T2EELBB5HJXG/ Third Party Advisory

Initial Analysis 12/14/2020 9:18:29 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* versions from (including) 7.41.0 up to (including) 7.73.0
Added CVSS V2

								
							
							
						
NIST (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Added CWE

								
							
							
						
NIST CWE-295
Changed Reference Type
https://curl.se/docs/CVE-2020-8286.html No Types Assigned
https://curl.se/docs/CVE-2020-8286.html Vendor Advisory
Changed Reference Type
https://hackerone.com/reports/1048457 No Types Assigned
https://hackerone.com/reports/1048457 Exploit, Third Party Advisory

CVE Modified by HackerOne 12/23/2020 5:15:15 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/202012-14 [No Types Assigned]

CVE Modified by HackerOne 12/19/2020 12:15:12 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.debian.org/debian-lts-announce/2020/12/msg00029.html [No Types Assigned]