CVE-2020-35492

2021-03-1819:15:00

Alpine Linux Development Team

security.alpinelinux.org

0.001 Low

EPSS

Percentile

46.0%

JSON

A flaw was found in cairo’s image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo’s image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.

OSVersionArchitecturePackageVersionFilename
Alpineedge-mainnoarchcairo< 1.16.0-r2UNKNOWN
Alpine3.10-mainnoarchcairo< 1.16.0-r3UNKNOWN
Alpine3.11-mainnoarchcairo< 1.16.0-r3UNKNOWN
Alpine3.12-mainnoarchcairo< 1.16.0-r3UNKNOWN
Alpine3.13-mainnoarchcairo< 1.16.0-r2UNKNOWN
Alpine3.14-mainnoarchcairo< 1.16.0-r2UNKNOWN
Alpine3.15-mainnoarchcairo< 1.16.0-r2UNKNOWN
Alpine3.16-mainnoarchcairo< 1.16.0-r2UNKNOWN
Alpine3.17-mainnoarchcairo< 1.16.0-r2UNKNOWN
Alpine3.18-mainnoarchcairo< 1.16.0-r2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-main	noarch	cairo	< 1.16.0-r2	UNKNOWN
Alpine	3.10-main	noarch	cairo	< 1.16.0-r3	UNKNOWN
Alpine	3.11-main	noarch	cairo	< 1.16.0-r3	UNKNOWN
Alpine	3.12-main	noarch	cairo	< 1.16.0-r3	UNKNOWN
Alpine	3.13-main	noarch	cairo	< 1.16.0-r2	UNKNOWN
Alpine	3.14-main	noarch	cairo	< 1.16.0-r2	UNKNOWN
Alpine	3.15-main	noarch	cairo	< 1.16.0-r2	UNKNOWN
Alpine	3.16-main	noarch	cairo	< 1.16.0-r2	UNKNOWN
Alpine	3.17-main	noarch	cairo	< 1.16.0-r2	UNKNOWN
Alpine	3.18-main	noarch	cairo	< 1.16.0-r2	UNKNOWN

Rows per page:

1-10 of 111

CVE-2020-35492

Related