Unrated severity · NVD Advisory · Published Aug 22, 2023 · Updated Dec 7, 2024
CVE-2020-35357
Description
A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing maliciously crafted input data passed to the library's gsl_stats_quantile_from_sorted_data function may lead to unexpected application termination or arbitrary code execution.
Affected products (16)
- GNU Scientific Library/GSL (GNU Scientific Library) · description
- Range: >=2.5 <=2.6
- osv-coords · 14 versions:
  - pkg:rpm/opensuse/gsl_2_4-gnu-hpc&distro=openSUSE%20Leap%2015.4
  - pkg:rpm/opensuse/gsl_2_4-gnu-hpc&distro=openSUSE%20Leap%2015.5
  - pkg:rpm/opensuse/gsl_2_6-gnu-hpc&distro=openSUSE%20Leap%2015.4
  - pkg:rpm/opensuse/gsl_2_6-gnu-hpc&distro=openSUSE%20Leap%2015.5
  - pkg:rpm/opensuse/gsl&distro=openSUSE%20Leap%2015.4
  - pkg:rpm/opensuse/gsl&distro=openSUSE%20Leap%2015.5
  - pkg:rpm/suse/gsl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4
  - pkg:rpm/suse/gsl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5
  - pkg:rpm/suse/gsl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4
  - pkg:rpm/suse/gsl&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5
  - pkg:rpm/suse/gsl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
  - pkg:rpm/suse/gsl&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5
  - pkg:rpm/suse/gsl&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP4
  - pkg:rpm/suse/gsl&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5
- (no CPE) range: < 2.4-150100.9.4.1
- (no CPE) range: < 2.4-150100.9.4.1
- (no CPE) range: < 2.6-150200.3.4.3
- (no CPE) range: < 2.6-150200.3.4.3
- (no CPE) range: < 2.4-150100.9.4.1
- (no CPE) range: < 2.6-150200.3.4.3
- (no CPE) range: < 2.6-150200.3.4.3
- (no CPE) range: < 2.6-150200.3.4.3
- (no CPE) range: < 2.6-150200.3.4.3
- (no CPE) range: < 2.6-150200.3.4.3
- (no CPE) range: < 1.16-5.4.1
- (no CPE) range: < 1.16-5.4.1
- (no CPE) range: < 2.4-150100.9.4.1
- (no CPE) range: < 2.4-150100.9.4.1