ByteOS Network

NVD Vulnerability Details :

CVE-2021-20240

Analyzed

Source-secalert@redhat.com

Published At-28 May, 2021 | 11:15

Updated At-12 Feb, 2025 | 17:16

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to crash or could potentially execute code on the victim system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary	2.0	8.3	HIGH	AV:N/AC:M/Au:N/C:P/I:P/A:C

Type: Primary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 8.3

Base severity: HIGH

Vector:

AV:N/AC:M/Au:N/C:P/I:P/A:C

CPE Matches

The GNOME Project

>>gdk-pixbuf>>Versions before 2.39.2(exclusive)

cpe:2.3:a:gnome:gdk-pixbuf:*:*:*:*:*:*:*:*

Fedora Project

>>fedora>>33

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Fedora Project

>>fedora>>34

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-191	Primary	secalert@redhat.com

CWE ID: CWE-191

Type: Primary

Source: secalert@redhat.com

References

Hyperlink	Source	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1926787	secalert@redhat.com	Issue Tracking Patch Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5H3GNVWMZTYZR3JBYCK57PF7PFMQBNP/	secalert@redhat.com	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BGZVCTH5O7WBJLYXZ2UOKLYNIFPVR55D/	secalert@redhat.com	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EANWYODLOJDFLMBH6WEKJJMQ5PKLEWML/	secalert@redhat.com	Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1926787	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Patch Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5H3GNVWMZTYZR3JBYCK57PF7PFMQBNP/	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BGZVCTH5O7WBJLYXZ2UOKLYNIFPVR55D/	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EANWYODLOJDFLMBH6WEKJJMQ5PKLEWML/	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory