Vulnerability Description
In teler before version 0.0.1, if you run teler inside a Docker container and encounter `errors.Exit` function, it will cause denial-of-service (`SIGSEGV`) because it doesn't get process ID and process group ID of teler properly to kills. The issue is patched in teler 0.0.1 and 0.0.1-dev5.1.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Teler Project | Teler | < 0.0.1 |
Related Weaknesses (CWE)
References
- https://github.com/kitabisa/teler/commit/ec6082049dba9e44a21f35fb7b123d42ce1a1a7PatchThird Party Advisory
- https://github.com/kitabisa/teler/security/advisories/GHSA-jhj6-5mh6-4pvfThird Party Advisory
- https://github.com/kitabisa/teler/commit/ec6082049dba9e44a21f35fb7b123d42ce1a1a7PatchThird Party Advisory
- https://github.com/kitabisa/teler/security/advisories/GHSA-jhj6-5mh6-4pvfThird Party Advisory
FAQ
What is CVE-2020-26213?
CVE-2020-26213 is a vulnerability with a CVSS score of 5.9 (MEDIUM). In teler before version 0.0.1, if you run teler inside a Docker container and encounter `errors.Exit` function, it will cause denial-of-service (`SIGSEGV`) because it doesn't get process ID and proces...
How severe is CVE-2020-26213?
CVE-2020-26213 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-26213?
Check the references section above for vendor advisories and patch information. Affected products include: Teler Project Teler.