CVE-2020-19491 — Out-of-bounds Write in Project Sam2p

CWE-787 — Out-of-bounds Write CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources

Severity

7.8HIGHNVD

EPSS

0.2%

top 59.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sam2p Project Sam2p

Timeline

PublishedJul 21

Latest updateJun 23

Description

There is an invalid memory access bug in cgif.c that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶NVDsam2p_project/sam2p0.49.4

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

gnuplot vulnerabilities↗2025-06-23

▶

GHSA

GHSA-qp4r-f3q5-qpqr: There is an invalid memory access bug in cgif↗2022-05-24

▶

CVEList

CVE-2020-19491: There is an invalid memory access bug in cgif↗2021-07-21

▶

OSV

CVE-2020-19491: There is an invalid memory access bug in cgif↗2021-07-21

▶