[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-24352":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":29,"aliases":30,"duplicate_of":9,"upstream":31,"downstream":32,"duplicates":41,"related":42,"reserved_at":9,"published_at":45,"modified_at":46,"state":47,"summary":48,"references_raw":57,"kevs":76,"epss":77,"epss_history":80,"metrics":341,"affected":352},"CVE-2020-24352","An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.",null,[11,23],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],{"_key":24,"id":24,"name":25,"description":26,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":27,"capec":28},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","High",[],[],[],[],[33,35,37,39],{"_key":34},"SUSE-SU-2020:2877-1",{"_key":36},"OPENSUSE-SU-2020:1664-1",{"_key":38},"DEBIAN-CVE-2020-24352",{"_key":40},"UBUNTU-CVE-2020-24352",[],[43,44],{"_key":34},{"_key":36},"2020-10-16T05:05:13.000Z","2024-08-04T15:12:08.689Z","Modified",{"cisa_kev":49,"cisa_ransomware":49,"cisa_vendor":9,"epss_severity":50,"epss_score":51,"severity":52,"severity_score":53,"severity_version":54,"severity_source":55,"severity_vector":56,"severity_status":47},false,"low",0.00137,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[58,65,71],{"url":59,"sources":60,"tags":62},"https://git.qemu.org/?p=qemu.git",[61,55],"cve.org",[63,64],"X Refsource MISC","Vendor Advisory",{"url":66,"sources":67,"tags":68},"https://bugzilla.redhat.com/show_bug.cgi?id=1847584",[61,55],[63,69,70],"Issue Tracking","Third Party Advisory",{"url":72,"sources":73,"tags":74},"https://security.netapp.com/advisory/ntap-20201123-0003/",[61,55],[75,70],"X Refsource CONFIRM",[],{"date":78,"score":51,"percentile":79},"2026-06-04",0.33331,[81,84,87,90,93,96,99,102,105,108,111,114,116,119,122,126,129,132,135,138,141,144,147,150,153,156,159,162,165,168,171,174,176,179,182,185,188,191,194,197,200,203,206,209,212,215,218,221,223,226,228,231,234,237,240,243,246,249,252,254,257,259,262,264,267,270,273,276,278,280,283,286,289,291,294,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338],{"date":82,"score":51,"percentile":83},"2025-11-04",0.34284,{"date":85,"score":51,"percentile":86},"2025-11-05",0.34273,{"date":88,"score":51,"percentile":89},"2025-11-06",0.34274,{"date":91,"score":51,"percentile":92},"2025-11-07",0.34292,{"date":94,"score":51,"percentile":95},"2025-11-08",0.34286,{"date":97,"score":51,"percentile":98},"2025-11-09",0.34267,{"date":100,"score":51,"percentile":101},"2025-11-10",0.34217,{"date":103,"score":51,"percentile":104},"2025-11-11",0.34245,{"date":106,"score":51,"percentile":107},"2025-11-12",0.3429,{"date":109,"score":51,"percentile":110},"2025-11-13",0.34307,{"date":112,"score":51,"percentile":113},"2025-11-14",0.34313,{"date":115,"score":51,"percentile":113},"2025-11-15",{"date":117,"score":51,"percentile":118},"2025-11-16",0.34285,{"date":120,"score":51,"percentile":121},"2025-11-17",0.34261,{"date":123,"score":124,"percentile":125},"2025-11-18",0.00049,0.10727,{"date":127,"score":124,"percentile":128},"2025-11-19",0.10746,{"date":130,"score":124,"percentile":131},"2025-11-20",0.10773,{"date":133,"score":51,"percentile":134},"2025-11-21",0.34293,{"date":136,"score":51,"percentile":137},"2025-11-22",0.34294,{"date":139,"score":51,"percentile":140},"2025-11-23",0.3426,{"date":142,"score":51,"percentile":143},"2025-11-24",0.34234,{"date":145,"score":51,"percentile":146},"2025-11-25",0.3423,{"date":148,"score":51,"percentile":149},"2025-11-26",0.34228,{"date":151,"score":51,"percentile":152},"2025-11-27",0.34238,{"date":154,"score":51,"percentile":155},"2025-11-28",0.34219,{"date":157,"score":51,"percentile":158},"2025-11-29",0.34203,{"date":160,"score":51,"percentile":161},"2025-11-30",0.34182,{"date":163,"score":51,"percentile":164},"2025-12-01",0.34283,{"date":166,"score":51,"percentile":167},"2025-12-02",0.34297,{"date":169,"score":51,"percentile":170},"2025-12-03",0.34296,{"date":172,"score":51,"percentile":173},"2025-12-04",0.34188,{"date":175,"score":51,"percentile":155},"2025-12-05",{"date":177,"score":51,"percentile":178},"2025-12-06",0.3422,{"date":180,"score":51,"percentile":181},"2025-12-07",0.34196,{"date":183,"score":51,"percentile":184},"2025-12-08",0.34208,{"date":186,"score":51,"percentile":187},"2025-12-09",0.3425,{"date":189,"score":51,"percentile":190},"2025-12-10",0.34302,{"date":192,"score":51,"percentile":193},"2025-12-11",0.34324,{"date":195,"score":51,"percentile":196},"2025-12-12",0.34352,{"date":198,"score":51,"percentile":199},"2025-12-13",0.34335,{"date":201,"score":51,"percentile":202},"2025-12-14",0.34309,{"date":204,"score":51,"percentile":205},"2025-12-15",0.34268,{"date":207,"score":51,"percentile":208},"2025-12-16",0.34295,{"date":210,"score":51,"percentile":211},"2025-12-17",0.34346,{"date":213,"score":51,"percentile":214},"2025-12-18",0.34396,{"date":216,"score":51,"percentile":217},"2025-12-19",0.34418,{"date":219,"score":51,"percentile":220},"2025-12-20",0.34401,{"date":222,"score":51,"percentile":211},"2025-12-21",{"date":224,"score":51,"percentile":225},"2025-12-22",0.34316,{"date":227,"score":51,"percentile":202},"2025-12-23",{"date":229,"score":51,"percentile":230},"2025-12-24",0.34303,{"date":232,"score":51,"percentile":233},"2025-12-25",0.34367,{"date":235,"score":51,"percentile":236},"2025-12-26",0.34345,{"date":238,"score":51,"percentile":239},"2025-12-27",0.34361,{"date":241,"score":51,"percentile":242},"2025-12-28",0.34257,{"date":244,"score":51,"percentile":245},"2025-12-29",0.34225,{"date":247,"score":51,"percentile":248},"2025-12-30",0.34214,{"date":250,"score":51,"percentile":251},"2025-12-31",0.34265,{"date":253,"score":51,"percentile":217},"2026-01-01",{"date":255,"score":51,"percentile":256},"2026-01-02",0.3441,{"date":258,"score":51,"percentile":214},"2026-01-03",{"date":260,"score":51,"percentile":261},"2026-01-04",0.34248,{"date":263,"score":51,"percentile":149},"2026-01-05",{"date":265,"score":51,"percentile":266},"2026-01-06",0.34239,{"date":268,"score":51,"percentile":269},"2026-01-07",0.34255,{"date":271,"score":51,"percentile":272},"2026-01-08",0.34282,{"date":274,"score":51,"percentile":275},"2026-01-09",0.3428,{"date":277,"score":51,"percentile":164},"2026-01-10",{"date":279,"score":51,"percentile":121},"2026-01-11",{"date":281,"score":51,"percentile":282},"2026-01-12",0.34195,{"date":284,"score":51,"percentile":285},"2026-01-13",0.34184,{"date":287,"score":51,"percentile":288},"2026-01-14",0.34222,{"date":290,"score":51,"percentile":248},"2026-01-15",{"date":292,"score":51,"percentile":293},"2026-01-16",0.34235,{"date":295,"score":51,"percentile":155},"2026-01-17",{"date":297,"score":51,"percentile":298},"2026-01-18",0.34161,{"date":300,"score":51,"percentile":301},"2026-01-19",0.34125,{"date":303,"score":51,"percentile":304},"2026-01-20",0.34108,{"date":306,"score":51,"percentile":307},"2026-01-21",0.34074,{"date":309,"score":51,"percentile":310},"2026-01-22",0.34052,{"date":312,"score":51,"percentile":313},"2026-01-23",0.34112,{"date":315,"score":51,"percentile":316},"2026-01-24",0.34121,{"date":318,"score":51,"percentile":319},"2026-01-25",0.34062,{"date":321,"score":51,"percentile":322},"2026-01-26",0.33974,{"date":324,"score":51,"percentile":325},"2026-01-27",0.33967,{"date":327,"score":51,"percentile":328},"2026-01-28",0.33945,{"date":330,"score":51,"percentile":331},"2026-01-29",0.33906,{"date":333,"score":51,"percentile":334},"2026-01-30",0.33892,{"date":336,"score":51,"percentile":337},"2026-01-31",0.33901,{"date":339,"score":51,"percentile":340},"2026-02-01",0.33999,[342],{"source":55,"cvss_v2_0":343,"cvss_v3_0":9,"cvss_v3_1":348,"cvss_v4_0":9},{"baseScore":344,"baseSeverity":9,"vectorString":345,"impactScore":346,"exploitabilityScore":347},2.1,"AV:L/AC:L/Au:N/C:N/I:N/A:P",2.9,3.9,{"baseScore":53,"baseSeverity":349,"vectorString":56,"impactScore":350,"exploitabilityScore":351},"MEDIUM",6,4.6,[353],{"ecosystem":9,"name":354,"vendor":354,"product":354,"cpe_part":355,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":356},"qemu","a",[357,363,365],{"version":358,"is_range":359,"range_type":360,"version_start":9,"version_start_type":9,"version_end":361,"version_end_type":362,"fixed_in":9},"lte4.2.1",true,"cpe","4.2.1","including",{"version":364,"is_range":49,"range_type":360,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:rc0",{"version":366,"is_range":49,"range_type":360,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.0:rc1"]