CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-1939

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1980%
EPSS Percentile43.22th
Published2020年5月12日
Last Modified2024年11月21日

Vulnerability Description

The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components and example programs. One of these, ftpd, had a NULL pointer dereference bug. The NuttX RTOS itself is not affected. Users of the optional apps repository are affected only if they have enabled ftpd. Versions 6.15 to 8.2 are affected.

Affected Platforms (CPE)

📦
Apache

Nuttx

>= 6.15 and <= 8.2

References & Advisories

🔗 https://lists.apache.org/thread.html/re3adc65ff4d8d9c34e5bccba3941a28cbb0a47191c150df2727e101d%40%3Cdev.nuttx.apache.org%3E
🔗 https://lists.apache.org/thread.html/re3adc65ff4d8d9c34e5bccba3941a28cbb0a47191c150df2727e101d%40%3Cdev.nuttx.apache.org%3E

関連する脆弱性情報

CVE-2020-175299.8

Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows a...

CVE-2021-264619.8

Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improp...

CVE-2020-175289.1

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows a...

CVE-2018-205787.5

An issue was discovered in NuttX before 7.27. The function netlib_parsehttpurl() in apps/netutils/netlib/netlib_parsehttpurl.c mis...

CVE-2020-1939 Detail & Impact Analysis | CVSS 9.8 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space