漏洞信息详情
Radar COVID 信息泄露漏洞
- CNNVD编号:CNNVD-202011-1392 <!--
- 危害等级: 中危-->
- 危害等级: 中危
- CVE编号: CVE-2020-26230
- 漏洞类型: 信息泄露
- 发布时间: 2020-11-13
- 威胁类型: 远程
- 更新时间: 2020-12-07
- 厂 商:
- 漏洞来源:
-
漏洞简介
Radar COVID是西班牙的一款对 COVID-19 进行暴露统治的软件。
Radar COVID 存在安全漏洞,该漏洞源于Radar COVID连接到服务器(将TEK上载到后端)仅由COVID-19肯定的连接造成的。
漏洞公告
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://github.com/RadarCOVID/radar-covid-backend-dp3t-server/security/advisories/GHSA-w7jx-37x3-w2jx
参考网址
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-android/commit/8e5d14ec60e0c1847a4733556cf34d232c27102c
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-backend-dp3t-server/commit/6d30c92cc8fcbde3ded7e9518853ef278080344d
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-android/commit/91dcfff6252055637bc9ee0c46b8f003d64a16b9
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-android/commit/9627f4d69705bca68e550eefd3df1b9abe90b215
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-android/commit/7fdc7debeb8a37faa77b53d9f9a1b4bbcff445ce
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-backend-dp3t-server/commit/c37f81636250892670750e3989139fd76d4beffe
来源:MISC
链接:https://github.com/DP-3T/documents/blob/master/DP3T%20-%20Best%20Practices%20for%20Operation%20Security%20in%20Proximity%20Tracing.pdf
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-android/commit/53252773ffa81e116deabcbbea3bac96872b9888
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-ios/commit/2d1505d4858642995ea09f02f23c953acaa65195
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-android/commit/ea0c4cc837f72f58e2b5df1ecf0899743ec3cdf8
来源:CONFIRM
链接:https://github.com/RadarCOVID/radar-covid-backend-dp3t-server/security/advisories/GHSA-w7jx-37x3-w2jx
来源:MISC
链接:https://github.com/RadarCOVID/radar-covid-android/commit/09d00e5ede801ca400d45c7feda5a99c34e4176c
来源:nvd.nist.gov
链接:https://nvd.nist.gov/vuln/detail/CVE-2020-26230
受影响实体
暂无
补丁
- Radar COVID 信息泄露漏洞的修复措施<!--2020-11-13-->
还没有评论,来说两句吧...