GHSA-pv36-h7jh-qm62

Suggest an improvement
Source
https://github.com/advisories/GHSA-pv36-h7jh-qm62
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/10/GHSA-pv36-h7jh-qm62/GHSA-pv36-h7jh-qm62.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-pv36-h7jh-qm62
Aliases
Published
2020-10-27T19:47:38Z
Modified
2025-02-03T15:46:33.099877Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Heap buffer overflow in CefSharp
Details

Impact

A memory corruption bug(Heap overflow) in the FreeType font rendering library.

This can be exploited by attackers to execute arbitrary code by using specially crafted fonts with embedded PNG images .

As per https://www.secpod.com/blog/chrome-zero-day-under-active-exploitation-patch-now/

Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild.

Patches

Upgrade to 85.3.130 or higher

References

  • https://www.secpod.com/blog/chrome-zero-day-under-active-exploitation-patch-now/
  • https://www.zdnet.com/article/google-releases-chrome-security-update-to-patch-actively-exploited-zero-day/
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999
  • https://magpcss.org/ceforum/viewtopic.php?f=10&t=17942

To review the CEF/Chromium patch see https://bitbucket.org/chromiumembedded/cef/commits/cd6cbe008b127990036945fb75e7c2c1594ab10d

Database specific 
{
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-119",
        "CWE-787"
    ],
    "github_reviewed_at": "2020-10-27T19:47:22Z",
    "nvd_published_at": "2020-11-03T03:15:00Z",
    "severity": "MODERATE"
}
References

Affected packages

NuGet / CefSharp.Common

Package

Name
CefSharp.Common
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
85.3.130

Affected versions

31.*

31.0.0-pre1

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1
37.0.2
37.0.3

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121

NuGet / CefSharp.Wpf

Package

Name
CefSharp.Wpf
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Wpf

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
85.3.130

Affected versions

1.*

1.25.2-perlun0
1.25.3
1.25.4
1.25.5
1.25.6
1.25.7
1.25.8

3.*

3.29.0-pre0

31.*

31.0.0-pre1

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1
37.0.3

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121

NuGet / CefSharp.WinForms

Package

Name
CefSharp.WinForms
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.WinForms

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
85.3.130

Affected versions

1.*

1.25.3

33.*

33.0.0
33.0.2
33.1.0-pre01

37.*

37.0.0-pre01
37.0.0-pre02
37.0.0
37.0.1
37.0.3

39.*

39.0.0-pre01
39.0.0-pre02
39.0.0-pre03
39.0.0
39.0.1
39.0.2

41.*

41.0.0-pre01
41.0.0
41.0.1

43.*

43.0.0-pre01
43.0.0-pre02
43.0.0
43.0.1

45.*

45.0.0-pre01
45.0.0

47.*

47.0.0-pre01
47.0.0
47.0.1
47.0.2
47.0.3
47.0.4

49.*

49.0.0-pre01
49.0.0-pre02
49.0.0
49.0.1

51.*

51.0.0-pre01
51.0.0-pre02
51.0.0

53.*

53.0.0-pre01
53.0.0
53.0.1

55.*

55.0.0-pre01
55.0.0

57.*

57.0.0-pre01
57.0.0

62.*

62.0.0-pre01
62.0.0-proprietary-codecs
62.0.0-proprietary-codecs2

63.*

63.0.0-pre01
63.0.0-pre02
63.0.0-pre03
63.0.0
63.0.1
63.0.2
63.0.3

65.*

65.0.0-pre01
65.0.0-pre02
65.0.0
65.0.1

67.*

67.0.0-pre01
67.0.0

69.*

69.0.0-pre01
69.0.0

71.*

71.0.0-pre01
71.0.0
71.0.1
71.0.2

73.*

73.1.120-pre01
73.1.130

75.*

75.1.140-pre01
75.1.141
75.1.142
75.1.143

79.*

79.1.310-pre
79.1.350
79.1.360

81.*

81.3.20-pre
81.3.100

83.*

83.3.120-pre
83.4.20

84.*

84.3.10-pre
84.4.10

85.*

85.3.120-pre
85.3.121-pre
85.3.121

NuGet / CefSharp.Wpf.HwndHost

Package

Name
CefSharp.Wpf.HwndHost
View open source insights on deps.dev
Purl
pkg:nuget/CefSharp.Wpf.HwndHost

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
85.3.130

Affected versions

83.*

83.4.20-pre

84.*

84.4.10

85.*

85.3.121