Vulnerability identifier: #VU47741

Vulnerability risk: Critical

CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2020-15999

CWE-ID: CWE-122

Exploitation vector: Network

Exploits in database: 4

• August 23, 2021
  • CVE (A collection of proof-of-concept exploit scripts written by the STAR Labs team for various CVEs that they discovered or found by others.) [Github]
• January 3, 2021
  • CVE-2020-15999 (Repositorio con un script encargado de explotar la vulnerabilidad CVE-2020-15999) [Github]
  • CVE-2020-15999 (Todos los materiales necesarios para la PoC en Chrome y ftview) [Github]
• November 3, 2020
  • CVE-2020-15999 (CVE-2020-15999) [Github]

Impact: Code execution

Vulnerable software:
FreeType
Universal components / Libraries / Libraries used by multiple products

Vendor: freetype.org