CVE-2020-1075 — Sensitive Information Exposure in Microsoft Windows
Severity
5.5MEDIUMNVD
EPSS
0.4%
top 37.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 21
Latest updateMay 24
Description
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6
Affected Packages10 packages
▶CVEListV5microsoft/windows_server2019, 2019 (Core installation), version 1803 (Core Installation)+2
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-j3xc-r8vm-6j6w: An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux↗2022-05-24
CVEList▶
CVE-2020-1075: An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux↗2020-05-21