CVE-2020-1934

Published: Apr 1, 2020
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2020-1934" target="_blank" rel="noopener"> CVE-2020-1934
Severity: Medium
Exploit:

In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
apache / http_server	2.4.0	2.4.41.x
fedoraproject / fedora	31	31.x
fedoraproject / fedora	32	32.x
debian / debian_linux	9.0	9.0.x
debian / debian_linux	10.0	10.0.x
canonical / ubuntu_linux	18.04	18.04.x
canonical / ubuntu_linux	20.04	20.04.x
canonical / ubuntu_linux	16.04	16.04.x
opensuse / leap	15.1	15.1.x
oracle / instantis_enterprisetrack	17.1	17.3.x
oracle / communications_element_manager	8.2.0	8.2.0.x
oracle / communications_element_manager	8.2.1	8.2.1.x
oracle / communications_element_manager	8.1.1	8.1.1.x
oracle / enterprise_manager_ops_center	12.4.0.0	12.4.0.0.x
oracle / communications_session_report_manager	8.1.1	8.1.1.x
oracle / communications_session_report_manager	8.2.0	8.2.0.x
oracle / communications_session_report_manager	8.2.1	8.2.1.x
oracle / communications_session_route_manager	8.1.1	8.1.1.x
oracle / communications_session_route_manager	8.2.0	8.2.0.x
oracle / communications_session_route_manager	8.2.1	8.2.1.x
oracle / zfs_storage_appliance_kit	8.8	8.8.x