Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-20240

Опубликовано: 28 мая 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 8.3
CVSS3: 8.8

Описание

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

РелизСтатусПримечание
bionic

not-affected

code not present
devel

not-affected

2.42.2+dfsg-1
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code not present
esm-infra/focal

not-affected

2.40.0+dfsg-3ubuntu0.2
esm-infra/xenial

not-affected

code not present
focal

released

2.40.0+dfsg-3ubuntu0.2
groovy

released

2.40.0+dfsg-5ubuntu0.2
precise/esm

DNE

trusty

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 73%
0.00794
Низкий

8.3 High

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-20240

CVSS3: 8.1
redhat
больше 4 лет назад

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

nvd логотип

CVE-2021-20240

CVSS3: 8.8
nvd
около 4 лет назад

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

debian логотип

CVE-2021-20240

CVSS3: 8.8
debian
около 4 лет назад

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer w ...

github логотип

GHSA-cjqx-m2ff-vgj5

CVSS3: 8.8
github
около 3 лет назад

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

fstec логотип

BDU:2021-04598

CVSS3: 8.8
fstec
больше 5 лет назад

Уязвимость библиотеки загрузки изображений GdkPixbuf, связанная с записью за границами буфера, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 73%
0.00794
Низкий

8.3 High

CVSS2

8.8 High

CVSS3

Уязвимость CVE-2021-20240