Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-23109

Опубликовано: 03 нояб. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.8
CVSS3: 8.1

Описание

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

1.17.6-1ubuntu4
esm-apps/bionic

ignored

changes too intrusive
esm-apps/focal

released

1.6.1-1ubuntu0.1~esm1
esm-apps/jammy

not-affected

1.12.0-2build
focal

ignored

end of standard support, was needed
hirsute

ignored

end of life
impish

ignored

end of life
jammy

not-affected

1.12.0-2build
kinetic

ignored

end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 48%
0.00244
Низкий

5.8 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2020-23109

CVSS3: 8.1
nvd
больше 4 лет назад

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

debian логотип

CVE-2020-23109

CVSS3: 8.1
debian
больше 4 лет назад

Buffer overflow vulnerability in function convert_colorspace in heif_c ...

github логотип

GHSA-ccjv-v7wq-hv5p

github
больше 3 лет назад

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

EPSS

Процентиль: 48%
0.00244
Низкий

5.8 Medium

CVSS2

8.1 High

CVSS3