How severe is CVE-2020-12658?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2020-12658?

This is classified as CWE-667, which is a common weakness in software security.

CVE-2020-12658

CRITICAL Year: 2020

CVSS v3 Score

9.8

Critical

CVSS v2 Score

7.5

High

Weakness Type

CWE-667

View all →

Vulnerability Description

gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex before pthread exit in gp_worker_main() in gp_workers.c. NOTE: An upstream comment states "We are already on a shutdown path when running the code in question, so a DoS there doesn't make any sense, and there has been no additional information provided us (as upstream) to indicate why this would be a problem.

CVE-2019-5886

CRITICAL

CVSS:9.8(Critical)

An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in the Add method, which allows an attacker to reinstall the database. T...

CWE-6672019

CVE-2021-22530

CRITICAL

CVSS:9.9(Critical)

A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise ...

CWE-6672021

CVE-2020-15674

HIGH

CVSS:8.8(High)

Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been explo...

CWE-6672020

CVE-2024-58087

HIGH

CVSS:8.1(High)

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from session lookup and expire Increment the session reference count within the lock for lookup to avoid racy ...

CWE-6672024