CVE-2020-12825

🗓️ 12 May 2020 17:30:57Reported by mitreType

libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption

Reporter	Title	Published	Views	Family All 126
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities	15 Apr 202221:36	–	ibm
Tenable Nessus	Amazon Linux 2 : libcroco (ALAS-2020-1521)	28 Oct 202000:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0047: libcroco (ALINUX3-SA-2022:0047)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : libcroco (ALSA-2020:3654)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : libcroco (CESA-2020:3654)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : libcroco (RHSA-2020:4072)	6 Nov 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : libcroco (EulerOS-SA-2020-1808)	30 Jul 202000:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.6.0 : libcroco (EulerOS-SA-2020-1909)	28 Aug 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : libcroco (EulerOS-SA-2020-1922)	2 Sep 202000:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.2.0 : libcroco (EulerOS-SA-2020-1986)	8 Sep 202000:00	–	nessus

NVD

Node

gnome libcrocoRange≤0.6.13

Source	Link
openwall	www.openwall.com/lists/oss-security/2020/09/08/3
gitlab	www.gitlab.gnome.org/GNOME/libcroco/-/issues/8
openwall	www.openwall.com/lists/oss-security/2020/08/13/3
security	www.security.gentoo.org/glsa/202208-33

17 Jun 2026 02:52Current

6.8Medium risk

Vulners AI Score6.8

CVSS 25.8

CVSS 3.17.1

EPSS0.02319