CVE-2020-36619

A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function add_ch of the file demod_flex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
VulDBCNA
5.5 MEDIUM
ADJACENT_NETWORK
LOW
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
multimon-ng_projectmultimon-ng
𝑥
< 1.2.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
multimon-ng
bullseye
no-dsa
buster
no-dsa
bookworm
1.2.0+dfsg-1
fixed
sid
1.3.1+dfsg-1
fixed
trixie
1.3.1+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
multimon-ng
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
ignored
jammy
needs-triage
focal
needs-triage
bionic
dne
xenial
ignored
trusty
ignored
Common Weakness Enumeration
References
https://github.com/EliasOenal/multimon-ng/commit/e5a51c508ef952e81a6da25b43034dd1ed023c07
https://github.com/EliasOenal/multimon-ng/pull/160
https://github.com/EliasOenal/multimon-ng/releases/tag/1.2.0
https://vuldb.com/?id.216269
https://github.com/EliasOenal/multimon-ng/commit/e5a51c508ef952e81a6da25b43034dd1ed023c07
https://github.com/EliasOenal/multimon-ng/pull/160
https://github.com/EliasOenal/multimon-ng/releases/tag/1.2.0
https://vuldb.com/?id.216269