CVE-2020-27605

2020-10-2115:15:27

Google

osv.dev

bigbluebutton

vulnerability

eps document

processing

ghostscript

attacks

schwache sandbox

software

AI Score

6.8

Confidence

High

EPSS

0.007

Percentile

79.9%

JSON

BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a “schwache Sandbox.”

References

www.golem.de/news/big-blue-button-das-grosse-blaue-sicherheitsrisiko-2010-151610.html