Lucene search

K

GoogleOSV:CVE-2021-20240

HistoryMay 28, 2021 - 11:15 a.m.

CVE-2021-20240

2021-05-2811:15:08

Google

osv.dev

7

flaw

gdk-pixbuf

gif image

out of bounds write

code execution

data confidentiality

data integrity

system availability

AI Score

7.3

Confidence

High

EPSS

0.003

Percentile

65.6%

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

References

bugzilla.redhat.com/show_bug.cgi?id=1926787

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5H3GNVWMZTYZR3JBYCK57PF7PFMQBNP/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BGZVCTH5O7WBJLYXZ2UOKLYNIFPVR55D/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EANWYODLOJDFLMBH6WEKJJMQ5PKLEWML/

AI Score

7.3

Confidence

High

EPSS

0.003

Percentile

65.6%

Related for OSV:CVE-2021-20240

prion1 alpinelinux1 openvas5 nessus3 debiancve1 cvelist1 ubuntucve1 ubuntu1 redhatcve1 cve1 osv1 veracode1 nvd1 fedora4 redos1