Lucene search

PRIOn knowledge basePRION:CVE-2021-20307

HistoryApr 05, 2021 - 10:15 p.m.

Format string

2021-04-0522:15:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.3%

JSON

Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values.

CPENameOperatorVersion
debian_linuxeq9.0
fedoraeq32
fedoraeq33
fedoraeq34
libpano13eq2.9.20 rc2
libpano13eq2.9.20 rc1
libpano13le2.9.19

Name	Operator	Version
debian_linux	eq	9.0
fedora	eq	32
fedora	eq	33
fedora	eq	34
libpano13	eq	2.9.20 rc2
libpano13	eq	2.9.20 rc1
libpano13	le	2.9.19

References

bugzilla.redhat.com/show_bug.cgi?id=1946284

lists.debian.org/debian-lts-announce/2021/04/msg00010.html

lists.fedoraproject.org/archives/list/[email protected]/message/FVJRXUOBN56ZWP6QQ3NTA6DIFZMDZAEQ/

lists.fedoraproject.org/archives/list/[email protected]/message/JE6YZSXNVD6WZ3AG3ENL2DIHQFF24LYX/

lists.fedoraproject.org/archives/list/[email protected]/message/VYDYBKHT2MNMQCUMAVJNZW4VH6MD5BOF/

security.gentoo.org/glsa/202107-47

sourceforge.net/projects/panotools/files/libpano13/libpano13-2.9.20/