Fluid Attacks Database

Description

arbitrary code execution

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
alpine v3.17	freetype	=2.10.0-r0 \|\| =2.10.1-r0 \|\| =2.10.2-r0 \|\| =2.10.3-r0 \|\| =2.3.12-r0 \|\| =2.3.8-r0 \|\| =2.3.8-r1 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.10-r0 \|\| =2.4.11-r0 \|\| =2.4.12-r0 \|\| =2.4.2-r0 \|\| =2.4.3-r0 \|\| =2.4.4-r0 \|\| =2.4.4-r1 \|\| =2.4.4-r2 \|\| =2.4.4-r3 \|\| =2.4.5-r0 \|\| =2.4.5-r1 \|\| =2.4.6-r0 \|\| =2.4.7-r0 \|\| =2.4.8-r0 \|\| =2.4.9-r0 \|\| =2.5.0.1-r0 \|\| =2.5.0.1-r1 \|\| =2.5.1-r0 \|\| =2.5.1-r1 \|\| =2.5.1-r2 \|\| =2.5.2-r0 \|\| =2.5.2-r1 \|\| =2.5.3-r0 \|\| =2.5.4-r0 \|\| =2.5.5-r0 \|\| =2.6-r0 \|\| =2.6-r1 \|\| =2.6-r2 \|\| =2.6-r3 \|\| =2.6-r4 \|\| =2.6.2-r0 \|\| =2.6.3-r0 \|\| =2.7-r0 \|\| =2.7.1-r0 \|\| =2.7.1-r1 \|\| =2.8-r0 \|\| =2.8-r1 \|\| =2.8-r2 \|\| =2.8-r3 \|\| =2.8.1-r0 \|\| =2.8.1-r1 \|\| =2.8.1-r2 \|\| =2.8.1-r3 \|\| =2.9-r0 \|\| =2.9-r1 \|\| =2.9.1-r0 \|\| =2.9.1-r1 \|\| =2.9.1-r2 \|\| >=0 <2.10.4-r0	2.10.4-r0
alpine v3.10	freetype	=2.10.0-r0 \|\| =2.3.12-r0 \|\| =2.3.8-r0 \|\| =2.3.8-r1 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.10-r0 \|\| =2.4.11-r0 \|\| =2.4.12-r0 \|\| =2.4.2-r0 \|\| =2.4.3-r0 \|\| =2.4.4-r0 \|\| =2.4.4-r1 \|\| =2.4.4-r2 \|\| =2.4.4-r3 \|\| =2.4.5-r0 \|\| =2.4.5-r1 \|\| =2.4.6-r0 \|\| =2.4.7-r0 \|\| =2.4.8-r0 \|\| =2.4.9-r0 \|\| =2.5.0.1-r0 \|\| =2.5.0.1-r1 \|\| =2.5.1-r0 \|\| =2.5.1-r1 \|\| =2.5.1-r2 \|\| =2.5.2-r0 \|\| =2.5.2-r1 \|\| =2.5.3-r0 \|\| =2.5.4-r0 \|\| =2.5.5-r0 \|\| =2.6-r0 \|\| =2.6-r1 \|\| =2.6-r2 \|\| =2.6-r3 \|\| =2.6-r4 \|\| =2.6.2-r0 \|\| =2.6.3-r0 \|\| =2.7-r0 \|\| =2.7.1-r0 \|\| =2.7.1-r1 \|\| =2.8-r0 \|\| =2.8-r1 \|\| =2.8-r2 \|\| =2.8-r3 \|\| =2.8.1-r0 \|\| =2.8.1-r1 \|\| =2.8.1-r2 \|\| =2.8.1-r3 \|\| =2.9-r0 \|\| =2.9-r1 \|\| =2.9.1-r0 \|\| =2.9.1-r1 \|\| =2.9.1-r2 \|\| >=0 <2.10.0-r1	2.10.0-r1
alpine v3.18	freetype	=2.10.0-r0 \|\| =2.10.1-r0 \|\| =2.10.2-r0 \|\| =2.10.3-r0 \|\| =2.3.12-r0 \|\| =2.3.8-r0 \|\| =2.3.8-r1 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.10-r0 \|\| =2.4.11-r0 \|\| =2.4.12-r0 \|\| =2.4.2-r0 \|\| =2.4.3-r0 \|\| =2.4.4-r0 \|\| =2.4.4-r1 \|\| =2.4.4-r2 \|\| =2.4.4-r3 \|\| =2.4.5-r0 \|\| =2.4.5-r1 \|\| =2.4.6-r0 \|\| =2.4.7-r0 \|\| =2.4.8-r0 \|\| =2.4.9-r0 \|\| =2.5.0.1-r0 \|\| =2.5.0.1-r1 \|\| =2.5.1-r0 \|\| =2.5.1-r1 \|\| =2.5.1-r2 \|\| =2.5.2-r0 \|\| =2.5.2-r1 \|\| =2.5.3-r0 \|\| =2.5.4-r0 \|\| =2.5.5-r0 \|\| =2.6-r0 \|\| =2.6-r1 \|\| =2.6-r2 \|\| =2.6-r3 \|\| =2.6-r4 \|\| =2.6.2-r0 \|\| =2.6.3-r0 \|\| =2.7-r0 \|\| =2.7.1-r0 \|\| =2.7.1-r1 \|\| =2.8-r0 \|\| =2.8-r1 \|\| =2.8-r2 \|\| =2.8-r3 \|\| =2.8.1-r0 \|\| =2.8.1-r1 \|\| =2.8.1-r2 \|\| =2.8.1-r3 \|\| =2.9-r0 \|\| =2.9-r1 \|\| =2.9.1-r0 \|\| =2.9.1-r1 \|\| =2.9.1-r2 \|\| >=0 <2.10.4-r0	2.10.4-r0
debian 11	freetype	>=0 <2.10.2+dfsg-4	2.10.2+dfsg-4
nuget	cefsharp.wpf	>=0 <85.3.130	85.3.130
nuget	cefsharp.common	>=0 <85.3.130	85.3.130
alpine v3.14	freetype	=2.10.0-r0 \|\| =2.10.1-r0 \|\| =2.10.2-r0 \|\| =2.10.3-r0 \|\| =2.3.12-r0 \|\| =2.3.8-r0 \|\| =2.3.8-r1 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.10-r0 \|\| =2.4.11-r0 \|\| =2.4.12-r0 \|\| =2.4.2-r0 \|\| =2.4.3-r0 \|\| =2.4.4-r0 \|\| =2.4.4-r1 \|\| =2.4.4-r2 \|\| =2.4.4-r3 \|\| =2.4.5-r0 \|\| =2.4.5-r1 \|\| =2.4.6-r0 \|\| =2.4.7-r0 \|\| =2.4.8-r0 \|\| =2.4.9-r0 \|\| =2.5.0.1-r0 \|\| =2.5.0.1-r1 \|\| =2.5.1-r0 \|\| =2.5.1-r1 \|\| =2.5.1-r2 \|\| =2.5.2-r0 \|\| =2.5.2-r1 \|\| =2.5.3-r0 \|\| =2.5.4-r0 \|\| =2.5.5-r0 \|\| =2.6-r0 \|\| =2.6-r1 \|\| =2.6-r2 \|\| =2.6-r3 \|\| =2.6-r4 \|\| =2.6.2-r0 \|\| =2.6.3-r0 \|\| =2.7-r0 \|\| =2.7.1-r0 \|\| =2.7.1-r1 \|\| =2.8-r0 \|\| =2.8-r1 \|\| =2.8-r2 \|\| =2.8-r3 \|\| =2.8.1-r0 \|\| =2.8.1-r1 \|\| =2.8.1-r2 \|\| =2.8.1-r3 \|\| =2.9-r0 \|\| =2.9-r1 \|\| =2.9.1-r0 \|\| =2.9.1-r1 \|\| =2.9.1-r2 \|\| >=0 <2.10.4-r0	2.10.4-r0
alpine v3.19	freetype	=2.10.0-r0 \|\| =2.10.1-r0 \|\| =2.10.2-r0 \|\| =2.10.3-r0 \|\| =2.3.12-r0 \|\| =2.3.8-r0 \|\| =2.3.8-r1 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.10-r0 \|\| =2.4.11-r0 \|\| =2.4.12-r0 \|\| =2.4.2-r0 \|\| =2.4.3-r0 \|\| =2.4.4-r0 \|\| =2.4.4-r1 \|\| =2.4.4-r2 \|\| =2.4.4-r3 \|\| =2.4.5-r0 \|\| =2.4.5-r1 \|\| =2.4.6-r0 \|\| =2.4.7-r0 \|\| =2.4.8-r0 \|\| =2.4.9-r0 \|\| =2.5.0.1-r0 \|\| =2.5.0.1-r1 \|\| =2.5.1-r0 \|\| =2.5.1-r1 \|\| =2.5.1-r2 \|\| =2.5.2-r0 \|\| =2.5.2-r1 \|\| =2.5.3-r0 \|\| =2.5.4-r0 \|\| =2.5.5-r0 \|\| =2.6-r0 \|\| =2.6-r1 \|\| =2.6-r2 \|\| =2.6-r3 \|\| =2.6-r4 \|\| =2.6.2-r0 \|\| =2.6.3-r0 \|\| =2.7-r0 \|\| =2.7.1-r0 \|\| =2.7.1-r1 \|\| =2.8-r0 \|\| =2.8-r1 \|\| =2.8-r2 \|\| =2.8-r3 \|\| =2.8.1-r0 \|\| =2.8.1-r1 \|\| =2.8.1-r2 \|\| =2.8.1-r3 \|\| =2.9-r0 \|\| =2.9-r1 \|\| =2.9.1-r0 \|\| =2.9.1-r1 \|\| =2.9.1-r2 \|\| >=0 <2.10.4-r0	2.10.4-r0
alpine v3.22	freetype	=2.10.0-r0 \|\| =2.10.1-r0 \|\| =2.10.2-r0 \|\| =2.10.3-r0 \|\| =2.3.12-r0 \|\| =2.3.8-r0 \|\| =2.3.8-r1 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.10-r0 \|\| =2.4.11-r0 \|\| =2.4.12-r0 \|\| =2.4.2-r0 \|\| =2.4.3-r0 \|\| =2.4.4-r0 \|\| =2.4.4-r1 \|\| =2.4.4-r2 \|\| =2.4.4-r3 \|\| =2.4.5-r0 \|\| =2.4.5-r1 \|\| =2.4.6-r0 \|\| =2.4.7-r0 \|\| =2.4.8-r0 \|\| =2.4.9-r0 \|\| =2.5.0.1-r0 \|\| =2.5.0.1-r1 \|\| =2.5.1-r0 \|\| =2.5.1-r1 \|\| =2.5.1-r2 \|\| =2.5.2-r0 \|\| =2.5.2-r1 \|\| =2.5.3-r0 \|\| =2.5.4-r0 \|\| =2.5.5-r0 \|\| =2.6-r0 \|\| =2.6-r1 \|\| =2.6-r2 \|\| =2.6-r3 \|\| =2.6-r4 \|\| =2.6.2-r0 \|\| =2.6.3-r0 \|\| =2.7-r0 \|\| =2.7.1-r0 \|\| =2.7.1-r1 \|\| =2.8-r0 \|\| =2.8-r1 \|\| =2.8-r2 \|\| =2.8-r3 \|\| =2.8.1-r0 \|\| =2.8.1-r1 \|\| =2.8.1-r2 \|\| =2.8.1-r3 \|\| =2.9-r0 \|\| =2.9-r1 \|\| =2.9.1-r0 \|\| =2.9.1-r1 \|\| =2.9.1-r2 \|\| >=0 <2.10.4-r0	2.10.4-r0
alpine v3.11	freetype	=2.10.0-r0 \|\| =2.10.1-r0 \|\| =2.3.12-r0 \|\| =2.3.8-r0 \|\| =2.3.8-r1 \|\| =2.4.0-r0 \|\| =2.4.1-r0 \|\| =2.4.10-r0 \|\| =2.4.11-r0 \|\| =2.4.12-r0 \|\| =2.4.2-r0 \|\| =2.4.3-r0 \|\| =2.4.4-r0 \|\| =2.4.4-r1 \|\| =2.4.4-r2 \|\| =2.4.4-r3 \|\| =2.4.5-r0 \|\| =2.4.5-r1 \|\| =2.4.6-r0 \|\| =2.4.7-r0 \|\| =2.4.8-r0 \|\| =2.4.9-r0 \|\| =2.5.0.1-r0 \|\| =2.5.0.1-r1 \|\| =2.5.1-r0 \|\| =2.5.1-r1 \|\| =2.5.1-r2 \|\| =2.5.2-r0 \|\| =2.5.2-r1 \|\| =2.5.3-r0 \|\| =2.5.4-r0 \|\| =2.5.5-r0 \|\| =2.6-r0 \|\| =2.6-r1 \|\| =2.6-r2 \|\| =2.6-r3 \|\| =2.6-r4 \|\| =2.6.2-r0 \|\| =2.6.3-r0 \|\| =2.7-r0 \|\| =2.7.1-r0 \|\| =2.7.1-r1 \|\| =2.8-r0 \|\| =2.8-r1 \|\| =2.8-r2 \|\| =2.8-r3 \|\| =2.8.1-r0 \|\| =2.8.1-r1 \|\| =2.8.1-r2 \|\| =2.8.1-r3 \|\| =2.9-r0 \|\| =2.9-r1 \|\| =2.9.1-r0 \|\| =2.9.1-r1 \|\| =2.9.1-r2 \|\| >=0 <2.10.1-r1	2.10.1-r1

1-10 of 30

Aliases

1. CVE-2020-159992. NVD-2020-159993. OSV-ALPINE-2020-159994. OSV-2020-159995. OSV-DEBIAN-2020-159996. GHSA-pv36-h7jh-qm627. GCVE-2020-159998. SECURITY-CVE-2020-159999. SECURITY-TRACKER-CVE-2020-1599910. security.gentoo.org11. security.gentoo.org12. security.gentoo.org

References

1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-159992. https://github.com/oxfemale/CVE-2020-159993. https://github.com/cefsharp/CefSharp/security/advisories/GHSA-pv36-h7jh-qm624. https://www.nuget.org/packages/CefSharp.Wpf.HwndHost5. https://www.nuget.org/packages/CefSharp.Wpf6. https://www.nuget.org/packages/CefSharp.WinForms7. https://www.nuget.org/packages/CefSharp.Common8. https://www.debian.org/security/2021/dsa-48249. https://security.netapp.com/advisory/ntap-20240812-000110. https://lists.fedoraproject.org/archives/list/[email protected]/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL711. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL712. https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html13. https://crbug.com/113996314. https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html15. http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html16. http://seclists.org/fulldisclosure/2020/Nov/33

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.