CVE-2020-0946 — Sensitive Information Exposure in Microsoft Windows
Severity
5.5MEDIUMNVD
EPSS
30.6%
top 3.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 15
Latest updateMay 24
Description
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0939, CVE-2020-0945, CVE-2020-0947.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6
Affected Packages10 packages
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-gwjq-59ch-2j8v: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosur↗2022-05-24
CVEList▶
CVE-2020-0946: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosur↗2020-04-15
📋Vendor Advisories
1🕵️Threat Intelligence
3💬Community
1Bugzilla▶
CVE-2020-1744 keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP↗2020-02-21