VDB
BDU%3A2020-05743
BDU%3A2020-05743
PUBLISHED
CVSS 10 CRITICAL
Уязвимость функции FeatureRef::applyValToFeature библиотеки шрифтов Graphite 2 браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании
Risk Scores
CVSS 2.0
10
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ООО «РусБИТех-Астра», Red Hat Inc., Canonical Ltd., АО «ИВК», Novell Inc., Сообщество свободного программного обеспечения, Mozilla Corp., SIL International | Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, Ubuntu, Альт Линукс СПТ (запись в едином реестре российских программ №9), OpenSUSE Leap, Suse Linux Enterprise Desktop, SUSE Linux Enterprise Server for SAP Applications, SUSE Linux Enterprise Software Development Kit, Suse Linux Enterprise Server, Debian GNU/Linux, SUSE Linux Enterprise High Performance Computing, SUSE Linux Enterprise Server for Raspberry Pi, Firefox, Firefox ESR, Thunderbird, Graphite 2 |
Timeline
- Dec 22, 2020 CVE Published
- Jan 12, 2021 CVE Updated
- Mar 19, 2026 Distribution Patch
- Mar 19, 2026 Distribution Patch
- Mar 19, 2026 Distribution Patch
- Mar 19, 2026 Security Advisory
- Mar 19, 2026 Security Advisory
- Mar 19, 2026 Security Advisory
References
- https://security-tracker.debian.org/tracker/CVE-2017-5436 url
- https://nvd.nist.gov/vuln/detail/CVE-2017-5436 url
- https://github.com/silnrsi/graphite/releases url
- https://www.mozilla.org/security/advisories/mfsa2017-10/ url
- https://www.mozilla.org/security/advisories/mfsa2017-11/ url
- https://www.mozilla.org/security/advisories/mfsa2017-12/ url
- https://www.mozilla.org/security/advisories/mfsa2017-13/ url
- https://access.redhat.com/security/cve/cve-2017-5436 url
- https://www.suse.com/security/cve/CVE-2017-5436/ url
- https://wiki.astralinux.ru/pages/viewpage.action?pageId=1212483 url
- https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15 url
- https://www.debian.org/security/2017/dsa-3831 url
- https://cve.basealt.ru/ url
- https://ubuntu.com/security/notices/USN-3260-1?_ga=2.91217818.1630830267.1608209597-1543702552.1605094901 url
- https://ubuntu.com/security/notices/USN-3278-1?_ga=2.91217818.1630830267.1608209597-1543702552.1605094901 url