VDB

CVE-2020-0499

CVE-2020-0499 PUBLISHED

In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156076070

EPSS 7.95% · 92.2th percentile

Risk Scores

EPSS Score
7.95%
92.2th percentile

Affected Products

VendorProductVersions
Ubuntu:Pro:14.04:LTSflac0, 1.3.0-2ubuntu0.14.04.1, 1.3.0-2
Ubuntu:18.04:LTSflac1.3.2-1, 0
Ubuntu:20.04:LTSflac1.3.3-1build1, 1.3.3-1, 0
Ubuntu:Pro:16.04:LTSflac0, 1.3.1-4

Timeline

  • Dec 15, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›