Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-26682 - log back

CVE-2020-26682 edited at 19 Nov 2020 19:05:00

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Arbitrary code execution

Description

+	In libass 0.14.0, the ass_outline_construct's call to outline_stroke causes a signed integer overflow.

References

+	https://github.com/libass/libass/issues/431
+	https://github.com/libass/libass/pull/432
+	https://github.com/libass/libass/commit/676f9dc5b52ef406c5527bdadbcb947f11392929

Notes

CVE-2020-26682 created at 19 Nov 2020 18:57:19