| CVSS Score (Vector) | 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N) |
| ThreatWorx Rating | 4 - Critical |
| Weakness Types | CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), XSS, Directory Traversal, CSRF, Code Execution, XML External Entity, Code Injection, Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), Access Bypass, Memory Overflow, DoS, Gain Information |
| Reported By | Red Hat, Oracle, Security Research, Amazon, Ubuntu, Rocky Linux, CISA ICS, Python, PacketStorm |
| First Reported | Sep 27, 2020 by Red Hat |
| Last Updated | Jul 11, 2024 by Ubuntu |
| NVD Status | Published CVE-2020-26116 |
| Affected Products | 2620 affected product(s) reported by NVD, Oracle, Red Hat, Security Research, Amazon, Ubuntu, Rocky Linux, CISA ICS, Python, PacketStorm |
| Patches | 2390 patch(es) published by Oracle, Red Hat, Amazon, Ubuntu, Rocky Linux |
| Remediations | 5 remediation(s) published by Amazon, CISA ICS |
| Latest Reference | Ubuntu |