CVE-2020-26682 - log back

CVE-2020-26682 edited at 19 Nov 2020 19:05:00
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Arbitrary code execution
Description
+ In libass 0.14.0, the ass_outline_construct's call to outline_stroke causes a signed integer overflow.
References
+ https://github.com/libass/libass/issues/431
+ https://github.com/libass/libass/pull/432
+ https://github.com/libass/libass/commit/676f9dc5b52ef406c5527bdadbcb947f11392929
Notes
CVE-2020-26682 created at 19 Nov 2020 18:57:19