CVE-2020-27605

2020-10-2114:09:03

mitre

www.cve.org

bigbluebutton

eps documents

processing

vulnerability

ghostscript

AI Score

9.4

Confidence

High

EPSS

0.007

Percentile

79.9%

JSON

BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a “schwache Sandbox.”

References

www.golem.de/news/big-blue-button-das-grosse-blaue-sicherheitsrisiko-2010-151610.html