CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8945

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.04

EPSS Ranking 87.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.1

References

Products affected by CVE-2020-8945

Gpgme Project » Gpgme » Version: 0.1.0

cpe:2.3:a:gpgme_project:gpgme:0.1.0
Redhat » Openshift Container Platform » Version: 3.11

cpe:2.3:a:redhat:openshift_container_platform:3.11
Redhat » Openshift Container Platform » Version: 4.1

cpe:2.3:a:redhat:openshift_container_platform:4.1
Redhat » Openshift Container Platform » Version: 4.2

cpe:2.3:a:redhat:openshift_container_platform:4.2
Redhat » Openshift Container Platform » Version: 4.3

cpe:2.3:a:redhat:openshift_container_platform:4.3
Redhat » Openshift Container Platform » Version: 4.4

cpe:2.3:a:redhat:openshift_container_platform:4.4
Redhat » Openshift Container Platform » Version: 4.5

cpe:2.3:a:redhat:openshift_container_platform:4.5
Redhat » Openshift Container Platform For Ibm Z » Version: 4.1

cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.1
Redhat » Openshift Container Platform For Ibm Z » Version: 4.2

cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.2
Redhat » Openshift Container Platform For Linuxone » Version: 4.1

cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.1
Redhat » Openshift Container Platform For Linuxone » Version: 4.2

cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.2
Fedoraproject » Fedora » Version: 30

cpe:2.3:o:fedoraproject:fedora:30
Fedoraproject » Fedora » Version: 31

cpe:2.3:o:fedoraproject:fedora:31
Fedoraproject » Fedora » Version: 32

cpe:2.3:o:fedoraproject:fedora:32
Redhat » Enterprise Linux » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux:7.0
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0
Redhat » Enterprise Linux For Ibm Z Systems » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0
Redhat » Enterprise Linux For Power Little Endian » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0
Redhat » Enterprise Linux Server » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_server:7.0
Redhat » Enterprise Linux Workstation » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-8945

Products

Pricing

Contact Us