Medium severity6.5NVD Advisory· Published May 27, 2021· Updated Jun 17, 2026
CVE-2020-14301
CVE-2020-14301
Description
An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were saved in the XML dump of the guest domain. This flaw allows an attacker to access potentially sensitive information in the domain configuration via the dumpxml command.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
73- osv-coords71 versionspkg:rpm/almalinux/hivexpkg:rpm/almalinux/hivex-develpkg:rpm/almalinux/libguestfs-winsupportpkg:rpm/almalinux/libiscsipkg:rpm/almalinux/libiscsi-develpkg:rpm/almalinux/libiscsi-utilspkg:rpm/almalinux/libnbdpkg:rpm/almalinux/libnbd-develpkg:rpm/almalinux/libvirtpkg:rpm/almalinux/libvirt-adminpkg:rpm/almalinux/libvirt-bash-completionpkg:rpm/almalinux/libvirt-clientpkg:rpm/almalinux/libvirt-daemonpkg:rpm/almalinux/libvirt-daemon-config-networkpkg:rpm/almalinux/libvirt-daemon-config-nwfilterpkg:rpm/almalinux/libvirt-daemon-driver-interfacepkg:rpm/almalinux/libvirt-daemon-driver-networkpkg:rpm/almalinux/libvirt-daemon-driver-nodedevpkg:rpm/almalinux/libvirt-daemon-driver-nwfilterpkg:rpm/almalinux/libvirt-daemon-driver-secretpkg:rpm/almalinux/libvirt-daemon-driver-storagepkg:rpm/almalinux/libvirt-daemon-driver-storage-corepkg:rpm/almalinux/libvirt-daemon-driver-storage-diskpkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsipkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsi-directpkg:rpm/almalinux/libvirt-daemon-driver-storage-logicalpkg:rpm/almalinux/libvirt-daemon-driver-storage-mpathpkg:rpm/almalinux/libvirt-daemon-driver-storage-rbdpkg:rpm/almalinux/libvirt-daemon-driver-storage-scsipkg:rpm/almalinux/libvirt-dbuspkg:rpm/almalinux/libvirt-develpkg:rpm/almalinux/libvirt-docspkg:rpm/almalinux/libvirt-libspkg:rpm/almalinux/libvirt-nsspkg:rpm/almalinux/nbdfusepkg:rpm/almalinux/nbdkitpkg:rpm/almalinux/nbdkit-bash-completionpkg:rpm/almalinux/nbdkit-basic-filterspkg:rpm/almalinux/nbdkit-basic-pluginspkg:rpm/almalinux/nbdkit-curl-pluginpkg:rpm/almalinux/nbdkit-develpkg:rpm/almalinux/nbdkit-example-pluginspkg:rpm/almalinux/nbdkit-gzip-pluginpkg:rpm/almalinux/nbdkit-linuxdisk-pluginpkg:rpm/almalinux/nbdkit-python-pluginpkg:rpm/almalinux/nbdkit-serverpkg:rpm/almalinux/nbdkit-ssh-pluginpkg:rpm/almalinux/nbdkit-vddk-pluginpkg:rpm/almalinux/nbdkit-xz-filterpkg:rpm/almalinux/netcfpkg:rpm/almalinux/netcf-develpkg:rpm/almalinux/netcf-libspkg:rpm/almalinux/ocaml-hivexpkg:rpm/almalinux/ocaml-hivex-develpkg:rpm/almalinux/ocaml-libguestfspkg:rpm/almalinux/ocaml-libguestfs-develpkg:rpm/almalinux/ocaml-libnbdpkg:rpm/almalinux/ocaml-libnbd-develpkg:rpm/almalinux/perl-hivexpkg:rpm/almalinux/perl-Sys-Virtpkg:rpm/almalinux/python3-hivexpkg:rpm/almalinux/python3-libnbdpkg:rpm/almalinux/python3-libvirtpkg:rpm/almalinux/ruby-hivexpkg:rpm/almalinux/seabiospkg:rpm/almalinux/seabios-binpkg:rpm/almalinux/seavgabios-binpkg:rpm/almalinux/sgabiospkg:rpm/almalinux/sgabios-binpkg:rpm/almalinux/superminpkg:rpm/almalinux/supermin-devel
< 1.3.18-20.module_el8.3.0+2048+e7a0a3ea+ 70 more
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 8.2-1.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.18.0-8.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.2.2-1.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.2.2-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.0-2.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.2.2-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 0.2.8-12.module_el8.5.0+2608+72063365
- (no CPE)range: < 0.2.8-12.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 0.2.8-12.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1:1.40.2-25.module_el8.3.0+2048+e7a0a3ea.alma
- (no CPE)range: < 1:1.40.2-25.module_el8.3.0+2048+e7a0a3ea.alma
- (no CPE)range: < 1.2.2-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.2.2-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-1.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.2.2-1.module_el8.5.0+2608+72063365
- (no CPE)range: < 6.0.0-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.13.0-2.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.13.0-2.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.13.0-2.module_el8.5.0+2608+72063365
- (no CPE)range: < 1:0.20170427git-3.module_el8.5.0+2608+72063365
- (no CPE)range: < 1:0.20170427git-3.module_el8.5.0+2608+72063365
- (no CPE)range: < 5.1.19-10.module_el8.5.0+2608+72063365
- (no CPE)range: < 5.1.19-10.module_el8.5.0+2608+72063365
Patches
Vulnerability mechanics
References
2- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchVendor Advisory
- security.netapp.com/advisory/ntap-20210629-0007/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.