[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-28374":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":40,"aliases":41,"duplicate_of":9,"upstream":42,"downstream":43,"duplicates":150,"related":151,"reserved_at":9,"published_at":178,"modified_at":179,"state":180,"summary":181,"references_raw":190,"kevs":264,"epss":265,"epss_history":268,"metrics":538,"affected":549},"CVE-2020-28374","In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-22","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-126","Path Traversal",[],{"id":25,"name":26,"techniques":27},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":29,"name":30,"techniques":31},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":33,"name":34,"techniques":35},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":37,"name":38,"techniques":39},"CAPEC-79","Using Slashes in Alternate Encoding",[],[],[],[],[44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132,134,136,138,140,142,144,146,148],{"_key":45},"SUSE-SU-2021:0433-1",{"_key":47},"SUSE-SU-2021:0835-1",{"_key":49},"SUSE-SU-2021:0117-1",{"_key":51},"SUSE-SU-2021:0118-1",{"_key":53},"SUSE-SU-2021:0133-1",{"_key":55},"SUSE-SU-2021:0347-1",{"_key":57},"SUSE-SU-2021:0348-1",{"_key":59},"SUSE-SU-2021:0427-1",{"_key":61},"SUSE-SU-2021:0434-1",{"_key":63},"SUSE-SU-2021:0438-1",{"_key":65},"SUSE-SU-2021:0743-1",{"_key":67},"SUSE-SU-2021:0744-1",{"_key":69},"SUSE-SU-2021:0818-1",{"_key":71},"SUSE-SU-2021:0823-1",{"_key":73},"SUSE-SU-2021:0826-1",{"_key":75},"SUSE-SU-2021:0841-1",{"_key":77},"SUSE-SU-2021:0842-1",{"_key":79},"SUSE-SU-2021:0849-1",{"_key":81},"SUSE-SU-2021:0853-1",{"_key":83},"SUSE-SU-2021:0859-1",{"_key":85},"SUSE-SU-2021:0868-1",{"_key":87},"SUSE-SU-2021:0870-1",{"_key":89},"OPENSUSE-SU-2021:0060-1",{"_key":91},"OPENSUSE-SU-2021:0075-1",{"_key":93},"RHSA-2021:0862",{"_key":95},"RHSA-2021:0856",{"_key":97},"RHSA-2021:0857",{"_key":99},"RHSA-2021:1376",{"_key":101},"RHSA-2021:1377",{"_key":103},"RHSA-2021:1531",{"_key":105},"RHSA-2021:1532",{"_key":107},"RHSA-2021:2167",{"_key":109},"RHSA-2021:2185",{"_key":111},"RHSA-2021:2190",{"_key":113},"RHSA-2021:1081",{"_key":115},"RHSA-2021:1093",{"_key":117},"RHSA-2021:2099",{"_key":119},"RHSA-2021:2106",{"_key":121},"RHSA-2021:2732",{"_key":123},"DLA-2557-1",{"_key":125},"DLA-2586-1",{"_key":127},"DSA-4843-1",{"_key":129},"MGASA-2021-0047",{"_key":131},"MGASA-2021-0058",{"_key":133},"DEBIAN-CVE-2020-28374",{"_key":135},"LSN-0074-1",{"_key":137},"UBUNTU-CVE-2020-28374",{"_key":139},"USN-4694-1",{"_key":141},"USN-4709-1",{"_key":143},"USN-4711-1",{"_key":145},"USN-4713-1",{"_key":147},"USN-4713-2",{"_key":149},"USN-4753-1",[],[152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177],{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":129},{"_key":131},"2021-01-13T03:07:45.000Z","2024-08-04T16:33:59.044Z","Modified",{"cisa_kev":182,"cisa_ransomware":182,"cisa_vendor":9,"epss_severity":183,"epss_score":184,"severity":185,"severity_score":186,"severity_version":187,"severity_source":188,"severity_vector":189,"severity_status":180},false,"low",0.00305,"high",8.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",[191,200,207,211,215,219,225,229,234,238,243,248,252,256,260],{"url":192,"sources":193,"tags":195},"https://bugzilla.suse.com/show_bug.cgi?id=1178372",[194,188],"cve.org",[196,197,198,199],"X Refsource MISC","Issue Tracking","Patch","Third Party Advisory",{"url":201,"sources":202,"tags":203},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.7",[194,188],[204,205,206],"X Refsource CONFIRM","Release Notes","Vendor Advisory",{"url":208,"sources":209,"tags":210},"https://github.com/torvalds/linux/commit/2896c93811e39d63a4d9b63ccf12a8fbc226e5e4",[194,188],[204,198,199],{"url":212,"sources":213,"tags":214},"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2896c93811e39d63a4d9b63ccf12a8fbc226e5e4",[194,188],[204,198,206],{"url":216,"sources":217,"tags":218},"https://bugzilla.suse.com/attachment.cgi?id=844938",[194,188],[196,197,199],{"url":220,"sources":221,"tags":222},"http://www.openwall.com/lists/oss-security/2021/01/13/2",[194,188],[223,224,199],"Mailing List","X Refsource MLIST",{"url":226,"sources":227,"tags":228},"http://www.openwall.com/lists/oss-security/2021/01/13/5",[194,188],[223,224,199],{"url":230,"sources":231,"tags":232},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZEUPID5DZYLZBIO4BEVLHFUDZZIFL57/",[194,188],[206,233],"X Refsource FEDORA",{"url":235,"sources":236,"tags":237},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LTGQDYIEO2GOCOOKADBHEITF44GY55QF/",[194,188],[206,233],{"url":239,"sources":240,"tags":241},"http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html",[194,188],[196,199,242],"VDB Entry",{"url":244,"sources":245,"tags":246},"https://www.debian.org/security/2021/dsa-4843",[194,188],[206,247,199],"X Refsource DEBIAN",{"url":249,"sources":250,"tags":251},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HK7SRTITN5ABAUOOIGFVR7XE5YKYYAVO/",[194,188],[206,233],{"url":253,"sources":254,"tags":255},"https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html",[194,188],[223,224,199],{"url":257,"sources":258,"tags":259},"https://security.netapp.com/advisory/ntap-20210219-0002/",[194,188],[204,199],{"url":261,"sources":262,"tags":263},"https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",[194,188],[223,224,199],[],{"date":266,"score":184,"percentile":267},"2026-06-03",0.53976,[269,273,276,279,282,285,289,292,295,298,301,304,306,309,313,317,320,322,325,328,331,334,337,340,343,346,349,352,355,358,361,364,367,369,371,374,377,380,383,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,432,435,438,441,444,447,450,453,455,458,461,464,467,469,471,474,477,480,483,487,490,493,496,499,502,505,507,510,513,516,519,522,526,529,532,535],{"date":270,"score":271,"percentile":272},"2025-11-04",0.00222,0.44706,{"date":274,"score":271,"percentile":275},"2025-11-05",0.44701,{"date":277,"score":271,"percentile":278},"2025-11-06",0.44713,{"date":280,"score":271,"percentile":281},"2025-11-07",0.4474,{"date":283,"score":271,"percentile":284},"2025-11-08",0.44737,{"date":286,"score":287,"percentile":288},"2025-11-09",0.00421,0.61296,{"date":290,"score":287,"percentile":291},"2025-11-10",0.61275,{"date":293,"score":287,"percentile":294},"2025-11-11",0.61288,{"date":296,"score":287,"percentile":297},"2025-11-12",0.61313,{"date":299,"score":287,"percentile":300},"2025-11-13",0.61319,{"date":302,"score":287,"percentile":303},"2025-11-14",0.61327,{"date":305,"score":287,"percentile":300},"2025-11-15",{"date":307,"score":287,"percentile":308},"2025-11-16",0.61311,{"date":310,"score":311,"percentile":312},"2025-11-17",0.00345,0.56435,{"date":314,"score":315,"percentile":316},"2025-11-18",0.006,0.6694,{"date":318,"score":315,"percentile":319},"2025-11-19",0.66947,{"date":321,"score":315,"percentile":316},"2025-11-20",{"date":323,"score":311,"percentile":324},"2025-11-21",0.56449,{"date":326,"score":311,"percentile":327},"2025-11-22",0.56444,{"date":329,"score":311,"percentile":330},"2025-11-23",0.56417,{"date":332,"score":311,"percentile":333},"2025-11-24",0.56411,{"date":335,"score":311,"percentile":336},"2025-11-25",0.56416,{"date":338,"score":311,"percentile":339},"2025-11-26",0.56421,{"date":341,"score":311,"percentile":342},"2025-11-27",0.56422,{"date":344,"score":311,"percentile":345},"2025-11-28",0.56398,{"date":347,"score":311,"percentile":348},"2025-11-29",0.56385,{"date":350,"score":311,"percentile":351},"2025-11-30",0.56377,{"date":353,"score":311,"percentile":354},"2025-12-01",0.56534,{"date":356,"score":311,"percentile":357},"2025-12-02",0.56551,{"date":359,"score":311,"percentile":360},"2025-12-03",0.56548,{"date":362,"score":311,"percentile":363},"2025-12-04",0.5638,{"date":365,"score":311,"percentile":366},"2025-12-05",0.56396,{"date":368,"score":311,"percentile":345},"2025-12-06",{"date":370,"score":311,"percentile":366},"2025-12-07",{"date":372,"score":311,"percentile":373},"2025-12-08",0.56397,{"date":375,"score":311,"percentile":376},"2025-12-09",0.56418,{"date":378,"score":311,"percentile":379},"2025-12-10",0.56476,{"date":381,"score":311,"percentile":382},"2025-12-11",0.56501,{"date":384,"score":311,"percentile":385},"2025-12-12",0.56527,{"date":387,"score":311,"percentile":388},"2025-12-13",0.56522,{"date":390,"score":311,"percentile":391},"2025-12-14",0.56519,{"date":393,"score":311,"percentile":394},"2025-12-15",0.56506,{"date":396,"score":311,"percentile":397},"2025-12-16",0.56518,{"date":399,"score":311,"percentile":400},"2025-12-17",0.56537,{"date":402,"score":311,"percentile":403},"2025-12-18",0.56579,{"date":405,"score":311,"percentile":406},"2025-12-19",0.56585,{"date":408,"score":311,"percentile":409},"2025-12-20",0.56581,{"date":411,"score":311,"percentile":412},"2025-12-21",0.5656,{"date":414,"score":311,"percentile":415},"2025-12-22",0.56541,{"date":417,"score":311,"percentile":418},"2025-12-23",0.56547,{"date":420,"score":311,"percentile":421},"2025-12-24",0.56556,{"date":423,"score":311,"percentile":424},"2025-12-25",0.566,{"date":426,"score":311,"percentile":427},"2025-12-26",0.56597,{"date":429,"score":430,"percentile":431},"2025-12-27",0.0029,0.52189,{"date":433,"score":311,"percentile":434},"2025-12-28",0.56567,{"date":436,"score":311,"percentile":437},"2025-12-29",0.56558,{"date":439,"score":311,"percentile":440},"2025-12-30",0.56554,{"date":442,"score":311,"percentile":443},"2025-12-31",0.56571,{"date":445,"score":311,"percentile":446},"2026-01-01",0.5674,{"date":448,"score":311,"percentile":449},"2026-01-02",0.5672,{"date":451,"score":311,"percentile":452},"2026-01-03",0.56712,{"date":454,"score":311,"percentile":415},"2026-01-04",{"date":456,"score":311,"percentile":457},"2026-01-05",0.5653,{"date":459,"score":311,"percentile":460},"2026-01-06",0.56539,{"date":462,"score":311,"percentile":463},"2026-01-07",0.56565,{"date":465,"score":311,"percentile":466},"2026-01-08",0.56583,{"date":468,"score":311,"percentile":466},"2026-01-09",{"date":470,"score":311,"percentile":466},"2026-01-10",{"date":472,"score":311,"percentile":473},"2026-01-11",0.56559,{"date":475,"score":311,"percentile":476},"2026-01-12",0.5652,{"date":478,"score":311,"percentile":479},"2026-01-13",0.56494,{"date":481,"score":311,"percentile":482},"2026-01-14",0.56536,{"date":484,"score":485,"percentile":486},"2026-01-15",0.00336,0.55947,{"date":488,"score":485,"percentile":489},"2026-01-16",0.55969,{"date":491,"score":485,"percentile":492},"2026-01-17",0.55963,{"date":494,"score":485,"percentile":495},"2026-01-18",0.55955,{"date":497,"score":485,"percentile":498},"2026-01-19",0.55946,{"date":500,"score":485,"percentile":501},"2026-01-20",0.55949,{"date":503,"score":485,"percentile":504},"2026-01-21",0.55953,{"date":506,"score":485,"percentile":495},"2026-01-22",{"date":508,"score":485,"percentile":509},"2026-01-23",0.55998,{"date":511,"score":485,"percentile":512},"2026-01-24",0.56002,{"date":514,"score":485,"percentile":515},"2026-01-25",0.5596,{"date":517,"score":485,"percentile":518},"2026-01-26",0.55948,{"date":520,"score":485,"percentile":521},"2026-01-27",0.55962,{"date":523,"score":524,"percentile":525},"2026-01-28",0.0028,0.50998,{"date":527,"score":524,"percentile":528},"2026-01-29",0.50995,{"date":530,"score":524,"percentile":531},"2026-01-30",0.50999,{"date":533,"score":524,"percentile":534},"2026-01-31",0.51005,{"date":536,"score":524,"percentile":537},"2026-02-01",0.51141,[539],{"source":188,"cvss_v2_0":540,"cvss_v3_0":9,"cvss_v3_1":545,"cvss_v4_0":9},{"baseScore":541,"baseSeverity":9,"vectorString":542,"impactScore":543,"exploitabilityScore":544},5.5,"AV:N/AC:L/Au:S/C:P/I:P/A:N",4.9,8,{"baseScore":186,"baseSeverity":546,"vectorString":189,"impactScore":547,"exploitabilityScore":548},"HIGH",8.7,7.2,[550,561,569],{"ecosystem":9,"name":551,"vendor":552,"product":553,"cpe_part":554,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":555},"debian linux","debian","debian_linux","o",[556,559],{"version":557,"is_range":182,"range_type":558,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0","cpe",{"version":560,"is_range":182,"range_type":558,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"ecosystem":9,"name":562,"vendor":563,"product":562,"cpe_part":554,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":564},"fedora","fedoraproject",[565,567],{"version":566,"is_range":182,"range_type":558,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"32",{"version":568,"is_range":182,"range_type":558,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"33",{"ecosystem":9,"name":570,"vendor":571,"product":572,"cpe_part":554,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":573},"linux kernel","linux","linux_kernel",[574],{"version":575,"is_range":576,"range_type":558,"version_start":9,"version_start_type":9,"version_end":577,"version_end_type":578,"fixed_in":9},"lt5.10.7",true,"5.10.7","excluding"]