UBUNTU-CVE-2020-23909

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2020-23909
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-23909
Upstream
Published
2023-07-18T14:15:00Z
Modified
2026-01-20T17:13:45.801346Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

Heap-based buffer over-read in function pngconvert4 in file pngex.cc in AdvanceMAME through 2.1.

References

Affected packages

Ubuntu:16.04:LTS
cloop

Package

Name
cloop
Purl
pkg:deb/ubuntu/cloop@3.14.1.2ubuntu1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.6.39.2-1ubuntu3
3.*
3.14.1.1ubuntu1
3.14.1.2ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cloop-utils",
            "binary_version": "3.14.1.2ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
Ubuntu:18.04:LTS
advancecomp

Package

Name
advancecomp
Purl
pkg:deb/ubuntu/advancecomp@2.1-1ubuntu0.18.04.3?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.0-1
2.1-1
2.1-1ubuntu0.18.04.1
2.1-1ubuntu0.18.04.2
2.1-1ubuntu0.18.04.3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "advancecomp",
            "binary_version": "2.1-1ubuntu0.18.04.3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
cloop

Package

Name
cloop
Purl
pkg:deb/ubuntu/cloop@3.14.1.2ubuntu1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.14.1.2ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cloop-utils",
            "binary_version": "3.14.1.2ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
Ubuntu:20.04:LTS
advancecomp

Package

Name
advancecomp
Purl
pkg:deb/ubuntu/advancecomp@2.1-2.1ubuntu0.20.04.1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.1-2.1
2.1-2.1build1
2.1-2.1ubuntu0.20.04.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "advancecomp",
            "binary_version": "2.1-2.1ubuntu0.20.04.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
cloop

Package

Name
cloop
Purl
pkg:deb/ubuntu/cloop@3.14.1.2ubuntu3?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.14.1.2ubuntu1
3.14.1.2ubuntu3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cloop-utils",
            "binary_version": "3.14.1.2ubuntu3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
Ubuntu:22.04:LTS
advancecomp

Package

Name
advancecomp
Purl
pkg:deb/ubuntu/advancecomp@2.1-2.1ubuntu2.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.1-2.1ubuntu1
2.1-2.1ubuntu2
2.1-2.1ubuntu2.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "advancecomp",
            "binary_version": "2.1-2.1ubuntu2.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
cloop

Package

Name
cloop
Purl
pkg:deb/ubuntu/cloop@3.14.1.3?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.14.1.3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cloop-src",
            "binary_version": "3.14.1.3"
        },
        {
            "binary_name": "cloop-utils",
            "binary_version": "3.14.1.3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
Ubuntu:24.04:LTS
advancecomp

Package

Name
advancecomp
Purl
pkg:deb/ubuntu/advancecomp@2.5-1build1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.5-1
2.5-1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "advancecomp",
            "binary_version": "2.5-1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
cloop

Package

Name
cloop
Purl
pkg:deb/ubuntu/cloop@3.14.1.3+nmu1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.14.1.3+nmu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cloop-src",
            "binary_version": "3.14.1.3+nmu1"
        },
        {
            "binary_name": "cloop-utils",
            "binary_version": "3.14.1.3+nmu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
Ubuntu:25.10
advancecomp

Package

Name
advancecomp
Purl
pkg:deb/ubuntu/advancecomp@2.5-1build1?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.5-1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "advancecomp",
            "binary_version": "2.5-1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
cloop

Package

Name
cloop
Purl
pkg:deb/ubuntu/cloop@3.14.1.3+nmu1?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.14.1.3+nmu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cloop-src",
            "binary_version": "3.14.1.3+nmu1"
        },
        {
            "binary_name": "cloop-utils",
            "binary_version": "3.14.1.3+nmu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"
Ubuntu:Pro:16.04:LTS
advancecomp

Package

Name
advancecomp
Purl
pkg:deb/ubuntu/advancecomp@1.20-1ubuntu0.2+esm2?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.19-1
1.20-1
1.20-1ubuntu0.1
1.20-1ubuntu0.2
1.20-1ubuntu0.2+esm1
1.20-1ubuntu0.2+esm2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "advancecomp",
            "binary_version": "1.20-1ubuntu0.2+esm2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-23909.json"