VYPR

rpm package

suse/lilypond-doc&distro=SUSE Package Hub 15 SP2

pkg:rpm/suse/lilypond-doc&distro=SUSE%20Package%20Hub%2015%20SP2

Vulnerabilities (1)

  • CVE-2020-17353Aug 5, 2020
    affected < 2.20.0-lp152.2.5.10fixed 2.20.0-lp152.2.5.10

    scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code.