CVE-2020-35492

🗓️ 28 Dec 2020 18:34:36Reported by redhat.comType

Flaw in cairo image-compositor.c, allows crafted input file to cause stack buffer overflow -> out-of-bounds WRITE, affecting confidentiality, integrity, system availability

Reporter	Title	Published	Views	Family All 106
IBM Security Bulletins	Security Bulletin: IBM Watson Machine Learning Accelerator for IBM Cloud Pak for Data is affected by multiple vulnerabilities.	19 Feb 202617:06	–	ibm
ALT Linux	Security fix for the ALT Linux 10 package libcairo version 1:1.16.0-alt2	6 Jan 202300:00	–	altlinux
Tenable Nessus	Alibaba Cloud Linux 3 : 0202: cairo and pixman (ALINUX3-SA-2022:0202)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : cairo and pixman (ALSA-2022:1961)	12 May 202200:00	–	nessus
Tenable Nessus	CentOS 8 : cairo and pixman (CESA-2022:1961)	10 May 202200:00	–	nessus
Tenable Nessus	Debian DLA-2518-1 : cairo security update	6 Jan 202100:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : cairo (EulerOS-SA-2021-1769)	30 Apr 202100:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : cairo (EulerOS-SA-2021-1977)	28 Jun 202100:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.6.0 : cairo (EulerOS-SA-2021-2017)	30 Jun 202100:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.6.6 : cairo (EulerOS-SA-2021-2035)	1 Jul 202100:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-35492
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

25 Mar 2024 17:26Current

7.5High risk

Vulners AI Score7.5

CVSS 26.8

CVSS 3.17.8

EPSS0.0027