UBUNTU-CVE-2020-36619

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2020-36619

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-36619.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2020-36619

Related

CVE-2020-36619

Published

2022-12-19T14:15:00Z

Modified

2024-10-15T14:07:52Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function addch of the file demodflex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability.

References

Affected packages

Ubuntu:20.04:LTS / multimon-ng

Package

Name: multimon-ng
Purl: pkg:deb/ubuntu/multimon-ng?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.1.8+dfsg-1build1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / multimon-ng

Package

Name: multimon-ng
Purl: pkg:deb/ubuntu/multimon-ng?arch=src?distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.1.9+dfsg-1

1.1.9+dfsg-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / multimon-ng

Package

Name: multimon-ng
Purl: pkg:deb/ubuntu/multimon-ng?arch=src?distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.0+dfsg-1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "1.2.0+dfsg-1",
            "binary_name": "multimon-ng"
        },
        {
            "binary_version": "1.2.0+dfsg-1",
            "binary_name": "multimon-ng-dbgsym"
        }
    ]
}