Lucene search
RedHatRHSA-2020:3658HistorySep 08, 2020 - 8:37 a.m.
(RHSA-2020:3658) Important: librepo security update
2020-09-0808:37:04
access.redhat.com
24
0.002 Low
EPSS
Percentile
55.2%
The librepo library provides a C and Python API to download repository metadata.
Security Fix(es):
- librepo: missing path validation in repomd.xml may lead to directory traversal (CVE-2020-14352)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | ppc64le | python3-librepo | < 1.11.0-3.el8_2 | python3-librepo-1.11.0-3.el8_2.ppc64le.rpm |
| RedHat | 8 | s390x | librepo | < 1.11.0-3.el8_2 | librepo-1.11.0-3.el8_2.s390x.rpm |
| RedHat | 8 | s390x | librepo-debuginfo | < 1.11.0-3.el8_2 | librepo-debuginfo-1.11.0-3.el8_2.s390x.rpm |
| RedHat | 8 | aarch64 | librepo-debuginfo | < 1.11.0-3.el8_2 | librepo-debuginfo-1.11.0-3.el8_2.aarch64.rpm |
| RedHat | 8 | s390x | python3-librepo-debuginfo | < 1.11.0-3.el8_2 | python3-librepo-debuginfo-1.11.0-3.el8_2.s390x.rpm |
| RedHat | 8 | aarch64 | librepo-debugsource | < 1.11.0-3.el8_2 | librepo-debugsource-1.11.0-3.el8_2.aarch64.rpm |
| RedHat | 8 | ppc64le | librepo-debuginfo | < 1.11.0-3.el8_2 | librepo-debuginfo-1.11.0-3.el8_2.ppc64le.rpm |
| RedHat | 8 | x86_64 | librepo-debuginfo | < 1.11.0-3.el8_2 | librepo-debuginfo-1.11.0-3.el8_2.x86_64.rpm |
| RedHat | 8 | x86_64 | librepo-debugsource | < 1.11.0-3.el8_2 | librepo-debugsource-1.11.0-3.el8_2.x86_64.rpm |
| RedHat | 8 | i686 | librepo-debugsource | < 1.11.0-3.el8_2 | librepo-debugsource-1.11.0-3.el8_2.i686.rpm |
Related
oraclelinux
oraclelinux
librepo security update
2020-09-09 00:00:00
librepo security update
2020-11-12 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: dnf-plugins-core-4.0.18-1.fc32
2020-10-18 15:50:34
[SECURITY] Fedora 33 Update: librepo-1.12.1-1.fc33
2020-10-27 01:21:31
[SECURITY] Fedora 32 Update: createrepo_c-0.16.1-2.fc32
2020-10-18 15:50:32
nessus
nessus
Fedora 32 : 1:livecd-tools / createrepo_c / dnf / dnf-plugins-core / etc (2020-5d9f0ce2b3)
2020-10-19 00:00:00
EulerOS 2.0 SP9 : librepo (EulerOS-SA-2020-2431)
2020-11-03 00:00:00
redhat
redhat
(RHSA-2020:5012) Moderate: librepo security update
2020-11-10 09:39:39
(RHSA-2020:3749) Important: librepo security update
2020-09-15 09:41:21
(RHSA-2020:3756) Important: librepo security update
2020-09-15 16:17:35
suse
suse
Security update for librepo (important)
2021-02-15 00:00:00
Security update for librepo (important)
2020-08-30 00:00:00
Security update for librepo (important)
2020-09-18 00:00:00
amazon
amazon
Important: librepo
2020-12-08 20:55:00
openvas
openvas
Huawei EulerOS: Security Advisory for librepo (EulerOS-SA-2020-2431)
2020-11-04 00:00:00
openSUSE: Security Advisory for librepo (openSUSE-SU-2021:0277-1)
2021-04-16 00:00:00
Fedora: Security Advisory for librepo (FEDORA-2020-b40fc174b5)
2020-10-27 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-14352 affecting package librepo 1.11.0-4
2020-11-30 19:30:42
prion
prion
Design/Logic Flaw
2020-08-30 15:15:00
cve
cve
CVE-2020-14352
2020-08-30 15:15:12
osv
osv
CVE-2020-14352
2020-08-30 15:15:12
redhatcve
redhatcve
CVE-2020-14352
2020-08-13 11:43:31
nvd
nvd
CVE-2020-14352
2020-08-30 15:15:12
mageia
mageia
Updated librepo packages fix a security vulnerability
2020-11-21 15:21:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1886
2021-07-02 17:16:21
cvelist
cvelist
CVE-2020-14352
2020-08-30 13:55:27
veracode
veracode
Directory Traversal
2020-09-09 01:47:25
centos
centos
librepo, python security update
2020-11-18 17:38:35
photon
photon
Important Photon OS Security Update - PHSA-2020-0164
2020-11-23 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0164
2020-11-23 00:00:00
