Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2020-5395
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-5395
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5395.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-5395
Downstream
DEBIAN-CVE-2020-5395
DLA-3754-1
RHSA-2020:1921
RHSA-2020:3966
SUSE-SU-2020:0118-1
SUSE-SU-2020:0393-1
SUSE-SU-2020:3628-1
UBUNTU-CVE-2020-5395
openSUSE-SU-2020:0089-1
openSUSE-SU-2020:2111-1
openSUSE-SU-2024:10763-1
Related
ALSA-2020:4844
MGASA-2020-0057
SUSE-SU-2020:0118-1
SUSE-SU-2020:0393-1
SUSE-SU-2020:3628-1
openSUSE-SU-2020:0089-1
openSUSE-SU-2020:2111-1
openSUSE-SU-2024:10763-1
Published
2020-01-03T20:15:12Z
Modified
2025-10-10T02:48:01.952929Z
Severity
8.8 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
[none]
Details
FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.
References
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00041.html
https://github.com/fontforge/fontforge/issues/4084
https://security.gentoo.org/glsa/202004-14
https://lists.debian.org/debian-lts-announce/2024/03/msg00007.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2S75EAVF4KPCH3WFBMZADUAU7EAXA7ZQ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MH6PKVQLBKIO7LQPDXB3MKI5I6AMDCN6/
Affected packages
Git
/
github.com/fontforge/fontforge
Affected ranges
Type
GIT
Repo
https://github.com/fontforge/fontforge
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Last affected
ac635b818e38ddb8e7e2e1057330a32b4e25476e
Affected versions
2.*
2.0.20140101
Other
20140813
20141013
20141014
20141126
20141230
20150228
20150330
20150430
20150612
20150824
20160403
20160404
20160930
20161001
20161004
20161005
20161012
20170730
20170731
20190317
20190413
20190801
v20110222
v20120731-b
v2.*
v2.1.0
CVE-2020-5395 - OSV