Your submission was sent successfully! Close

CVE-2020-12761

Published: 9 May 2020

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

Priority

Medium

CVSS 3 base score: 9.1

Status

Package Release Status
imlib2
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
eoan Ignored
(reached end-of-life)
focal
Released (1.6.1-1ubuntu0.1)
groovy Not vulnerable
(1.6.1-2)
hirsute Not vulnerable
(1.6.1-2)
impish Not vulnerable
(1.6.1-2)
jammy Not vulnerable
(1.6.1-2)
precise Does not exist

trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)