Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-35492

Опубликовано: 18 мар. 2021
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 6.8
CVSS3: 7.8

Описание

A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

1.16.0-5ubuntu2
esm-infra-legacy/trusty

DNE

esm-infra/bionic

needs-triage

esm-infra/focal

needs-triage

esm-infra/xenial

released

1.14.6-1ubuntu0.1~esm1
focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life
hirsute

ignored

end of life
impish

not-affected

1.16.0-5ubuntu1

Показывать по

Ссылки на источники

EPSS

Процентиль: 27%
0.00093
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-35492

CVSS3: 7.8
redhat
больше 4 лет назад

A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.

nvd логотип

CVE-2020-35492

CVSS3: 7.8
nvd
больше 4 лет назад

A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.

msrc логотип

CVE-2020-35492

CVSS3: 7.8
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-35492

CVSS3: 7.8
debian
больше 4 лет назад

A flaw was found in cairo's image-compositor.c in all versions prior t ...

rocky логотип

RLSA-2022:1961

rocky
около 3 лет назад

Moderate: cairo and pixman security and bug fix update

EPSS

Процентиль: 27%
0.00093
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3