CVE-2020-11866

Consolidated evidence from connected documents confirms libEMF (ECMA-234 Metafile Library) vulnerabilities, including CVE-2020-11866 (use-after-free), have been addressed in multiple Linux distributions. OpenSUSE openSUSE-2020:0831-1 and SUSE/SLE-15:Update entries cite fixes for CVE-2020-11863 th...

CVE-2020-11863

libEMF (ECMA-234 Metafile Library) has several documented issues up to 1.0.11. CVE-2020-11863 causes denial of service; CVE-2020-11864 also denial of service; CVE-2020-11865 is an out-of-bounds memory access; CVE-2020-11866 is a use-after-free; CVE-2020-13999 (in 1.0.12) is an integer overflow an...

CVE-2020-11865

libEMF (ECMA-234 Metafile Library) up to version 1.0.11 contains an out-of-bounds memory access vulnerability (CVE-2020-11865). Multiple advisories note fixes in a later release (e.g., 1.0.12) and patches across distributions (openSUSE/SLE SUSE updates OpenVAS/OSV entries). Affected products incl...

CVE-2020-11864

LibEMF (ECMA-234 Metafile Library) up to version 1.0.11 is affected by CVE-2020-11864, a denial-of-service issue in the library. The vulnerability is mitigated by upgrading to subsequent releases (e.g., libEMF 1.0.12 or later), which are documented in multiple advisories (openSUSE/SUSE OSV record...

CVE-2020-13999

CVE-2020-13999 affects libEMF (ECMA-234 Metafile Library). The vulnerability is an integer overflow in ScaleViewPortExtEx implemented in libemf.cpp of libEMF 1.0.12, allowing denial of service via a crafted EMF file. Publicly documented in multiple advisories (SUSE-SU-2022:3190/3191, OSV entries)...