CVE-2020-21428
CVE-2020-21428
Vexday Risk Score
8Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 3.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
22 ago 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Productos afectados
n/a · n/aReferencias
https://lists.debian.org/debian-lts-announce/2023/11/msg00020.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RUEK2JOVJBQZVNQIIZZO3JFMTVB4R5KS/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGOMCRAANNCQYJYPPMGRQWKRZGIP6NME/https://sourceforge.net/p/freeimage/bugs/299/https://www.debian.org/security/2023/dsa-5579