CVE-2020-15706

GRUB2 contains a race condition in grubscriptfunction_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.

References

Affected packages

Git / github.com/python-pillow/pillow

Affected ranges

Type: GIT
Repo: https://github.com/python-pillow/pillow
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

a021d4978dd96371557f21c7b68feff2056a6e9b

Affected versions

1.*

1.0

1.2

1.7.6

1.7.7

1.7.8

2.*

2.0.0

2.1.0

2.2.0

2.2.1

2.2.2

2.3.0

2.5.0

2.6.0

2.6.0-rc1

2.7.0

2.8.0

2.8.1

2.9.0

2.9.0.dev0

2.9.0.dev1

2.9.0.dev2

3.*

3.0.0

3.1.0

3.1.0-rc1

3.2.0

3.3.0

3.3.1

3.4.0

4.*

4.0.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15706.json"