Lucene search
GoogleOSV:CVE-2020-36430HistoryJul 20, 2021 - 7:15 a.m.
CVE-2020-36430
2021-07-2007:15:07
Google
osv.dev
5
libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction.
References
bugs.chromium.org/p/oss-fuzz/issues/detail?id=26674
github.com/google/oss-fuzz-vulns/blob/main/vulns/libass/OSV-2020-2099.yaml
github.com/libass/libass/commit/017137471d0043e0321e377ed8da48e45a3ec632
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JUXFQUJ32GWG5E46A63DFDCYJAF3VU6/
security.gentoo.org/glsa/202208-13
Related
debiancve
debiancve
CVE-2020-36430
2021-07-20 07:15:07
nessus
nessus
GLSA-202208-13 : libass: Denial of service
2022-08-10 00:00:00
openSUSE 15 Security Update : libass (openSUSE-SU-2021:1174-1)
2021-08-21 00:00:00
SUSE SLED15 / SLES15 Security Update : libass (SUSE-SU-2021:2792-1)
2021-08-21 00:00:00
prion
prion
Heap overflow
2021-07-20 07:15:00
suse
suse
Security update for libass (important)
2021-08-20 00:00:00
Security update for libass (important)
2021-08-21 00:00:00
cve
cve
CVE-2020-36430
2021-07-20 07:15:07
mageia
mageia
Updated libass packages fix security vulnerability
2021-08-27 18:29:51
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0413)
2022-01-28 00:00:00
openSUSE: Security Advisory for libass (openSUSE-SU-2021:2792-1)
2021-08-21 00:00:00
openSUSE: Security Advisory for libass (openSUSE-SU-2021:1174-1)
2021-08-22 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: libass-0.15.2-1.fc34
2022-03-25 22:05:44
ubuntucve
ubuntucve
CVE-2020-36430
2021-07-20 00:00:00
nvd
nvd
CVE-2020-36430
2021-07-20 07:15:07
gentoo
gentoo
libass: Denial of service
2022-08-10 00:00:00
cvelist
cvelist
CVE-2020-36430
2021-07-20 06:47:14