VDB

CVE-2019-20326

CVE-2019-20326 PUBLISHED

A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.

EPSS 3.96% · 88.6th percentile

Risk Scores

EPSS Score
3.96%
88.6th percentile

Affected Products

VendorProductVersions
Ubuntu:Pro:18.04:LTSgthumb0, 3:3.5.3-1, 3:3.5.4-1
Ubuntu:20.04:LTSgthumb0, 3:3.8.0-2.1, 3:3.8.0-2.1build1
Ubuntu:Pro:16.04:LTSgthumb3:3.3.1.is.3.2.8-0ubuntu3, 3:3.4.1-2, 3:3.4.1-4

Exploit Intelligence

…and 1 more exploits

Timeline

  • Mar 16, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 29, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›