CVE-2020-1939

2020-05-1215:15:12

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.2%

JSON

The Apache NuttX (Incubating) project provides an optional separate “apps” repository which contains various optional components and example programs. One of these, ftpd, had a NULL pointer dereference bug. The NuttX RTOS itself is not affected. Users of the optional apps repository are affected only if they have enabled ftpd. Versions 6.15 to 8.2 are affected.

CPENameOperatorVersion
incubator-nuttxeqnuttx-6.26
incubator-nuttxeqnuttx-7.20
incubator-nuttxeqnuttx-7.17
incubator-nuttxeqnuttx-6.18
incubator-nuttxeqnuttx-7.14
incubator-nuttxeqnuttx-7.6
incubator-nuttxeqnuttx-7.3
incubator-nuttxeqnuttx-7.23
incubator-nuttxeqnuttx-7.10
incubator-nuttxeqnuttx-7.31

Name	Operator	Version
incubator-nuttx	eq	nuttx-6.26
incubator-nuttx	eq	nuttx-7.20
incubator-nuttx	eq	nuttx-7.17
incubator-nuttx	eq	nuttx-6.18
incubator-nuttx	eq	nuttx-7.14
incubator-nuttx	eq	nuttx-7.6
incubator-nuttx	eq	nuttx-7.3
incubator-nuttx	eq	nuttx-7.23
incubator-nuttx	eq	nuttx-7.10
incubator-nuttx	eq	nuttx-7.31