First published: Mon Jul 20 2020
A buffer overflow is present in canvas version <= 1.6.9, which could lead to a Denial of Service or execution of arbitrary code when it processes a user-provided image.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Automattic Canvas | <=1.6.9 | |
CVE-2020-8215 is a buffer overflow vulnerability in Canvas version <= 1.6.9.
CVE-2020-8215 can lead to a Denial of Service or execution of arbitrary code when processing a user-provided image.
Canvas versions <= 1.6.9 are affected by CVE-2020-8215.
CVE-2020-8215 has a severity rating of 8.8, which is considered high.
To mitigate CVE-2020-8215, update to a version of Canvas higher than 1.6.9.