CVE-2019-20836
published 2020-06-04CVE-2019-20836: An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive.
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxitsoftware | phantompdf | < 9.5 | 9.5 |
| foxitsoftware | reader | < 9.5 | 9.5 |
| linux | linux_kernel | >= 0 < 4.4.0-157.185 | 4.4.0-157.185 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
osv8.1HIGH