CVE-2020-8286

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-8286

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8286.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-8286

Aliases

CURL-CVE-2020-8286

Downstream

ALPINE-CVE-2020-8286

BELL-CVE-2020-8286

DEBIAN-CVE-2020-8286

DLA-2500-1

DSA-4881-1

JLSEC-2025-25

OESA-2021-1004

RHSA-2021:1610

RHSA-2021:2472

RLSA-2021:1610

SUSE-SU-2020:3733-1

SUSE-SU-2020:3735-1

SUSE-SU-2020:3739-1

SUSE-SU-2021:1786-1

UBUNTU-CVE-2020-8286

USN-4665-1

openSUSE-SU-2020:2238-1

openSUSE-SU-2020:2249-1

openSUSE-SU-2024:10582-1

Related

Published

2020-12-14T20:15:14.043Z

Modified

2026-02-21T07:32:30.810874Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

References

Affected packages

Git / github.com/python-pillow/pillow

Affected ranges

Type: GIT
Repo: https://github.com/python-pillow/pillow
Events: Introduced

204aae6682fc936f5350b3fe70335776f81480a7

Fixed

89f1f4626a2aaf5f3d5ca6437f41def2998fbe09

Affected versions

11.*

11.0.0

11.1.0

11.2.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-8286.json"