High severity8.8NVD Advisory· Published Oct 16, 2020· Updated Jun 17, 2026
CVE-2020-26682
CVE-2020-26682
Description
In libass 0.14.0, the ass_outline_construct's call to outline_stroke causes a signed integer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17- libass/libassdescription
- osv-coords15 versionspkg:rpm/opensuse/libass&distro=openSUSE%20Leap%2015.2pkg:rpm/suse/libass&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2pkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/libass&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/libass&distro=SUSE%20Manager%20Proxy%204.0pkg:rpm/suse/libass&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0pkg:rpm/suse/libass&distro=SUSE%20Manager%20Server%204.0
< 0.14.0-lp152.4.3.1+ 14 more
- (no CPE)range: < 0.14.0-lp152.4.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
- (no CPE)range: < 0.14.0-3.3.1
Patches
Vulnerability mechanics
References
4- www.openwall.com/lists/oss-security/2020/11/19/7nvdExploitIssue TrackingMailing ListThird Party Advisory
- github.com/libass/libass/issues/431nvdExploitIssue TrackingThird Party Advisory
- github.com/libass/libass/pull/432nvdIssue TrackingThird Party Advisory
- security.gentoo.org/glsa/202012-12nvdThird Party Advisory
News mentions
0No linked articles in our index yet.