rpm package
opensuse/libass&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/libass&distro=openSUSE%20Leap%2015.2
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-36430 | Hig | 7.8 | < 0.14.0-lp152.4.9.1 | 0.14.0-lp152.4.9.1 | Jul 20, 2021 | libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction. | |
| CVE-2020-24994 | Hig | 8.8 | < 0.14.0-lp152.4.6.1 | 0.14.0-lp152.4.6.1 | Mar 23, 2021 | Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file. | |
| CVE-2020-26682 | Hig | 8.8 | < 0.14.0-lp152.4.3.1 | 0.14.0-lp152.4.3.1 | Oct 16, 2020 | In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow. |
- affected < 0.14.0-lp152.4.9.1fixed 0.14.0-lp152.4.9.1
libass 0.15.x before 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction.
- affected < 0.14.0-lp152.4.6.1fixed 0.14.0-lp152.4.6.1
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.
- affected < 0.14.0-lp152.4.3.1fixed 0.14.0-lp152.4.3.1
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.