Ubuntu.comUB:CVE-2020-36646CVE-2020-36646
2.3 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.007 Low
EPSS
Percentile
80.8%
A vulnerability classified as problematic has been found in MediaArea
ZenLib up to 0.4.38. This affects the function
Ztring::Date_From_Seconds_1970_Local of the file Source/ZenLib/Ztring.cpp.
The manipulation of the argument Value leads to unchecked return value to
null pointer dereference. Upgrading to version 0.4.39 is able to address
this issue. The identifier of the patch is
6475fcccd37c9cf17e0cfe263b5fe0e2e47a8408. It is recommended to upgrade the
affected component. The identifier VDB-217629 was assigned to this
vulnerability.
References
github.com/MediaArea/ZenLib/commit/6475fcccd37c9cf17e0cfe263b5fe0e2e47a8408
github.com/MediaArea/ZenLib/commit/6475fcccd37c9cf17e0cfe263b5fe0e2e47a8408 (v0.4.39)
github.com/MediaArea/ZenLib/pull/119
github.com/MediaArea/ZenLib/releases/tag/v0.4.39
launchpad.net/bugs/cve/CVE-2020-36646
nvd.nist.gov/vuln/detail/CVE-2020-36646
security-tracker.debian.org/tracker/CVE-2020-36646
vuldb.com/?ctiid.217629
vuldb.com/?id.217629
www.cve.org/CVERecord?id=CVE-2020-36646
Related
2.3 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:M/Au:S/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.007 Low
EPSS
Percentile
80.8%