Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-20240

Опубликовано: 28 мая 2021
Источник: nvd
CVSS3: 8.8
CVSS2: 8.3
EPSS Низкий

Описание

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:gnome:gdk-pixbuf:*:*:*:*:*:*:*:*
Версия до 2.39.2 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

EPSS

Процентиль: 73%
0.00794
Низкий

8.8 High

CVSS3

8.3 High

CVSS2

Дефекты

CWE-191

Связанные уязвимости

ubuntu логотип

CVE-2021-20240

CVSS3: 8.8
ubuntu
около 4 лет назад

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

redhat логотип

CVE-2021-20240

CVSS3: 8.1
redhat
больше 4 лет назад

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

debian логотип

CVE-2021-20240

CVSS3: 8.8
debian
около 4 лет назад

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer w ...

github логотип

GHSA-cjqx-m2ff-vgj5

CVSS3: 8.8
github
около 3 лет назад

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

fstec логотип

BDU:2021-04598

CVSS3: 8.8
fstec
больше 5 лет назад

Уязвимость библиотеки загрузки изображений GdkPixbuf, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 73%
0.00794
Низкий

8.8 High

CVSS3

8.3 High

CVSS2

Дефекты

CWE-191