mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
97 lines
3.8 KiB
JSON
97 lines
3.8 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2020-29385",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will assign self->code_table[11].extends to c, which will give the value of 10. This will make the loop run infinitely. This bug can, for example, be triggered by calling this function with a GIF image with LZW compression that is crafted in a special way."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/blob/master/NEWS",
|
|
"refsource": "MISC",
|
|
"name": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/blob/master/NEWS"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://security.gentoo.org/glsa/202012-15",
|
|
"url": "https://security.gentoo.org/glsa/202012-15"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166",
|
|
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://ubuntu.com/security/CVE-2020-29385",
|
|
"url": "https://ubuntu.com/security/CVE-2020-29385"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/164",
|
|
"url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/164"
|
|
},
|
|
{
|
|
"refsource": "FEDORA",
|
|
"name": "FEDORA-2021-2e59756cbe",
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EANWYODLOJDFLMBH6WEKJJMQ5PKLEWML/"
|
|
},
|
|
{
|
|
"refsource": "FEDORA",
|
|
"name": "FEDORA-2021-755ba8968a",
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5H3GNVWMZTYZR3JBYCK57PF7PFMQBNP/"
|
|
},
|
|
{
|
|
"refsource": "FEDORA",
|
|
"name": "FEDORA-2021-c918632e13",
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BGZVCTH5O7WBJLYXZ2UOKLYNIFPVR55D/"
|
|
}
|
|
]
|
|
}
|
|
} |