Application Crash in GNOME gThumb Due to Malformed JPEG Image
CVE-2020-36427

5.5MEDIUM

Key Information:

Vendor: Gnome
Status: Gthumb
Vendor: CVE Published:; 19 July 2021

Summary

A vulnerability in GNOME gThumb versions prior to 3.10.1 allows an application crash when a malformed JPEG image is processed by the software. Maliciously crafted JPEG images can trigger this instability, potentially leading to denial of service conditions. It is crucial for users to update to the latest version to mitigate the risk associated with this flaw.

References

https://download.gnome.org/sources/gthumb/3.10/gthumb-3.1...

x_refsource_MISC

https://mail.gnome.org/archives/gthumb-list/2020-Septembe...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 19, 2021
Vulnerability Reserved
Jul 19, 2021