stb up to 1.22 stb_truetype.h stbtt__cff_int Assertion unknown vulnerability
| CVSS Meta Temp Score | Current Exploit Price (โ) | CTI Interest Score |
|---|---|---|
| 5.5 | $0-$5k | 2.78 |
A vulnerability, which was classified as critical, was found in stb up to 1.22. This affects the function stbtt__cff_int of the file stb_truetype.h. The impact remains unknown. The summary by CVE is:
stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int.
The weakness was disclosed 01/08/2020. This vulnerability is uniquely identified as CVE-2020-6617 since 01/08/2020. Technical details of the vulnerability are known, but there is no available exploit. The pricing for an exploit might be around USD $0-$5k at the moment (estimation calculated on 01/09/2020).
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
The entries 148471, 148470, 148469 and 148468 are pretty similar.
Name
Class: Unknown / Assertion
Local: Yes
Remote: No
Availability: ๐
Status: Not defined
Price Prediction: ๐
Current Price Estimation: ๐
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: ๐
Adversaries: ๐
Geopolitics: ๐
Economy: ๐
Predictions: ๐
Remediation: ๐Recommended: no mitigation known
0-Day Time: ๐
01/08/2020 Advisory disclosed
01/08/2020 CVE assigned
01/09/2020 VulDB entry created
01/09/2020 VulDB last update
CVE: CVE-2020-6617 (๐)
See also: ๐Created: 01/09/2020 10:32 AM
Complete: ๐
See the underground prices here!
https://vuldb.com/?id.148467
Gloss