Published: 24/06/2020 Updated: 08/11/2022

CVSS v2 Base Score: 5.2 | Impact Score: 6.4 | Exploitability Score: 5.1

CVSS v3 Base Score: 8 | Impact Score: 5.9 | Exploitability Score: 2.1

VMScore: 463

Vector: AV:A/AC:L/Au:S/C:P/I:P/A:P

A heap buffer overflow in SANE Backends prior to 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sane-project sane backends
debian debian linux 9.0
canonical ubuntu linux 18.04
opensuse leap 15.1
canonical ubuntu linux 20.04
opensuse leap 15.2
canonical ubuntu linux 16.04

Synopsis Important: sane-backends security update Type/Severity Security Advisory: Important Topic An update for sane-backends is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common ...

Synopsis Important: sane-backends security update Type/Severity Security Advisory: Important Topic An update for sane-backends is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...

Synopsis Important: sane-backends security update Type/Severity Security Advisory: Important Topic An update for sane-backends is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ...

CWE-787 https://securitylab.github.com/advisories/GHSL-2020-075-libsane https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html https://lists.debian.org/debian-lts-announce/2020/08/msg00029.html https://usn.ubuntu.com/4470-1/https://lists.debian.org/debian-lts-announce/2020/10/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00079.html https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2020:3045

CVE-2020-12865

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect