VDB
CVE-2021-20240
CVE-2021-20240
PUBLISHED
A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
EPSS 1.06% · 77.9th percentile
Risk Scores
EPSS Score
1.06%
77.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | gdk-pixbuf | 2.40.0+dfsg-1ubuntu1, 2.40.0+dfsg-2, 2.40.0+dfsg-3 |
Timeline
- Feb 17, 2021 CVE Published
- May 29, 2021 EPSS Score
- Jul 31, 2021 EPSS Score
- Sep 30, 2021 EPSS Score
- Nov 30, 2021 EPSS Score
- Jan 30, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 2, 2022 EPSS Score
- Jun 2, 2022 EPSS Score
- Aug 3, 2022 EPSS Score
- Oct 3, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-20240 third-party-advisory
- https://ubuntu.com/security/notices/USN-4743-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-20240 third-party-advisory