Lucene search
K

13 matches found

OSV
OSV
added 2020/09/22 4:22 p.m.3 views

OPENSUSE-SU-2020:1506-1 Security update for lilypond

This update for lilypond fixes the following issues: - CVE-2020-17353: When -dsafe is used, LilyPond lacks restrictions on embedded-ps and embedded-svg boo1174949. This update was imported from the openSUSE:Leap:15.2:Update update project...

9.8CVSS9.5AI score0.02371EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2020/09/22 12:0 a.m.37 views

Security update for lilypond (moderate)

openSUSE Security Update: Security update for lilypond Announcement ID: openSUSE-SU-2020:1506-1 Rating: moderate References: 1174949 Cross-References: CVE-2020-17353 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available. Description: This update...

9.8CVSS9.4AI score0.02371EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/09/21 12:0 a.m.22 views

openSUSE Security Update : lilypond (openSUSE-2020-1453)

This update for lilypond fixes the following issues : - CVE-2020-17353: When -dsafe is used, LilyPond lacks restrictions on embedded-ps and embedded-svg boo1174949. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

9.8CVSS8.2AI score0.02371EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/09/20 12:0 a.m.16 views

openSUSE: Security Advisory for lilypond (openSUSE-SU-2020:1453-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.5AI score0.02371EPSS
Exploits0References2
OSV
OSV
added 2020/09/19 12:20 p.m.3 views

OPENSUSE-SU-2020:1453-1 Security update for lilypond

This update for lilypond fixes the following issues: - CVE-2020-17353: When -dsafe is used, LilyPond lacks restrictions on embedded-ps and embedded-svg boo1174949...

9.8CVSS9.5AI score0.02371EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2020/09/19 12:0 a.m.43 views

Security update for lilypond (moderate)

openSUSE Security Update: Security update for lilypond Announcement ID: openSUSE-SU-2020:1453-1 Rating: moderate References: 1174949 Cross-References: CVE-2020-17353 Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP2 An update that fixes one vulnerability is now available...

9.8CVSS9.4AI score0.02371EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/08/31 12:0 a.m.30 views

Debian DSA-4756-1 : lilypond - security update

Faidon Liambotis discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code. C Tenab...

9.8CVSS8.6AI score0.02371EPSS
Exploits0References3
Debian
Debian
added 2020/08/29 5:38 p.m.44 views

[SECURITY] [DSA 4756-1] lilypond security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4756-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 29, 2020 https://www.debian.org/security/faq -...

9.8CVSS9.6AI score0.02371EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/08/14 12:0 a.m.29 views

Fedora 31 : lilypond (2020-7cd08d85ce)

Patch for CVE-2020-17353 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Securit...

9.8CVSS8.2AI score0.02371EPSS
Exploits0References2
OSV
OSV
added 2020/08/05 2:15 p.m.3 views

UBUNTU-CVE-2020-17353

scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code...

9.8CVSS7.3AI score0.02371EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/08/05 12:55 p.m.16 views

CVE-2020-17353

scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code...

9.8CVSS9.5AI score0.02371EPSS
Exploits0
Cvelist
Cvelist
added 2020/08/05 12:55 p.m.28 views

CVE-2020-17353

scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code...

9.4AI score0.02371EPSS
Exploits0References6
CVE
CVE
added 2020/08/05 12:55 p.m.307 views

CVE-2020-17353

CVE-2020-17353 affects LilyPond up to 2.20.0 and 2.21.x up to 2.21.4. When -dsafe is used, LilyPond does not restrict embedded-ps and embedded-svg, enabling execution of arbitrary PostScript/SVG content as demonstrated by vulnerable inputs. Publicly documented fixes across multiple distros includ...

9.8CVSS9.2AI score0.02371EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder