CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
32.2%
Debian Security Advisory DSA-5300-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
December 12, 2022 https://www.debian.org/security/faq
Package : pngcheck
CVE ID : CVE-2020-35511
Multiple security issues were discovered in pngcheck, a tool to verify
the integrity of PNG, JNG and MNG files, which could potentially result
in the execution of arbitrary code.
For the stable distribution (bullseye), this problem has been fixed in
version 3.0.3-1~deb11u1.
We recommend that you upgrade your pngcheck packages.
For the detailed security status of pngcheck please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pngcheck
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 11 | arm64 | pngcheck-dbgsym | < 3.0.3-1~deb11u1 | pngcheck-dbgsym_3.0.3-1~deb11u1_arm64.deb |
Debian | 11 | arm64 | pngcheck | < 3.0.3-1~deb11u1 | pngcheck_3.0.3-1~deb11u1_arm64.deb |
Debian | 10 | amd64 | pngcheck | < 3.0.3-1~deb10u2 | pngcheck_3.0.3-1~deb10u2_amd64.deb |
Debian | 10 | armhf | pngcheck | < 3.0.3-1~deb10u2 | pngcheck_3.0.3-1~deb10u2_armhf.deb |
Debian | 11 | armel | pngcheck-dbgsym | < 3.0.3-1~deb11u1 | pngcheck-dbgsym_3.0.3-1~deb11u1_armel.deb |
Debian | 11 | armhf | pngcheck | < 3.0.3-1~deb11u1 | pngcheck_3.0.3-1~deb11u1_armhf.deb |
Debian | 11 | armhf | pngcheck-dbgsym | < 3.0.3-1~deb11u1 | pngcheck-dbgsym_3.0.3-1~deb11u1_armhf.deb |
Debian | 11 | amd64 | pngcheck-dbgsym | < 3.0.3-1~deb11u1 | pngcheck-dbgsym_3.0.3-1~deb11u1_amd64.deb |
Debian | 10 | all | pngcheck | < 3.0.3-1~deb10u2 | pngcheck_3.0.3-1~deb10u2_all.deb |
Debian | 11 | all | pngcheck | < 3.0.3-1~deb11u1 | pngcheck_3.0.3-1~deb11u1_all.deb |
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
32.2%