[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-29385":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":19,"aliases":20,"duplicate_of":9,"upstream":21,"downstream":22,"duplicates":37,"related":38,"reserved_at":9,"published_at":42,"modified_at":43,"state":44,"summary":45,"references_raw":54,"kevs":97,"epss":98,"epss_history":101,"metrics":361,"affected":372},"CVE-2020-29385","GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will assign self->code_table[11].extends to c, which will give the value of 10. This will make the loop run infinitely. This bug can, for example, be triggered by calling this function with a GIF image with LZW compression that is crafted in a special way.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-835","Loop with Unreachable Exit Condition ('Infinite Loop')","The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.","weakness","Incomplete","Base",[],[],[],[],[23,25,27,29,31,33,35],{"_key":24},"ALPINE-CVE-2020-29385",{"_key":26},"SUSE-SU-2021:0184-1",{"_key":28},"OPENSUSE-SU-2021:0150-1",{"_key":30},"OPENSUSE-SU-2024:10779-1",{"_key":32},"UBUNTU-CVE-2020-29385",{"_key":34},"USN-4663-1",{"_key":36},"DEBIAN-CVE-2020-29385",[],[39,40,41],{"_key":26},{"_key":28},{"_key":30},"2020-12-26T02:01:49.000Z","2024-08-04T16:55:09.278Z","Analyzed",{"cisa_kev":46,"cisa_ransomware":46,"cisa_vendor":9,"epss_severity":47,"epss_score":48,"severity":49,"severity_score":50,"severity_version":51,"severity_source":52,"severity_vector":53,"severity_status":44},false,"low",0.00634,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",[55,63,68,74,79,83,89,93],{"url":56,"sources":57,"tags":59},"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/blob/master/NEWS",[58,52],"cve.org",[60,61,62],"X Refsource MISC","Release Notes","Vendor Advisory",{"url":64,"sources":65,"tags":66},"https://security.gentoo.org/glsa/202012-15",[58,52],[60,67],"Third Party Advisory",{"url":69,"sources":70,"tags":71},"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977166",[58,52],[72,73,67],"X Refsource CONFIRM","Issue Tracking",{"url":75,"sources":76,"tags":77},"https://ubuntu.com/security/CVE-2020-29385",[58,52],[72,78,67],"Patch",{"url":80,"sources":81,"tags":82},"https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/164",[58,52],[72,62],{"url":84,"sources":85,"tags":86},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EANWYODLOJDFLMBH6WEKJJMQ5PKLEWML/",[58,52],[62,87,88,67],"X Refsource FEDORA","Mailing List",{"url":90,"sources":91,"tags":92},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5H3GNVWMZTYZR3JBYCK57PF7PFMQBNP/",[58,52],[62,87,88,67],{"url":94,"sources":95,"tags":96},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BGZVCTH5O7WBJLYXZ2UOKLYNIFPVR55D/",[58,52],[62,87,88,67],[],{"date":99,"score":48,"percentile":100},"2026-06-05",0.70812,[102,106,109,112,115,118,121,124,126,129,132,135,137,140,143,147,150,153,156,159,162,164,167,169,172,175,178,181,184,187,190,193,196,199,202,204,207,210,213,216,219,221,224,226,229,232,235,238,241,243,245,248,251,253,257,260,263,266,269,272,275,277,280,283,286,289,292,295,298,300,303,306,309,312,315,318,320,322,325,328,331,334,337,340,343,346,349,352,355,358],{"date":103,"score":104,"percentile":105},"2025-11-04",0.00662,0.70376,{"date":107,"score":104,"percentile":108},"2025-11-05",0.70361,{"date":110,"score":104,"percentile":111},"2025-11-06",0.70358,{"date":113,"score":104,"percentile":114},"2025-11-07",0.70373,{"date":116,"score":104,"percentile":117},"2025-11-08",0.70375,{"date":119,"score":104,"percentile":120},"2025-11-09",0.70366,{"date":122,"score":104,"percentile":123},"2025-11-10",0.70351,{"date":125,"score":104,"percentile":108},"2025-11-11",{"date":127,"score":104,"percentile":128},"2025-11-12",0.70384,{"date":130,"score":104,"percentile":131},"2025-11-13",0.7039,{"date":133,"score":104,"percentile":134},"2025-11-14",0.70398,{"date":136,"score":104,"percentile":134},"2025-11-15",{"date":138,"score":104,"percentile":139},"2025-11-16",0.70394,{"date":141,"score":104,"percentile":142},"2025-11-17",0.70391,{"date":144,"score":145,"percentile":146},"2025-11-18",0.003,0.50348,{"date":148,"score":145,"percentile":149},"2025-11-19",0.5036,{"date":151,"score":145,"percentile":152},"2025-11-20",0.50349,{"date":154,"score":104,"percentile":155},"2025-11-21",0.70411,{"date":157,"score":104,"percentile":158},"2025-11-22",0.70402,{"date":160,"score":104,"percentile":161},"2025-11-23",0.70383,{"date":163,"score":104,"percentile":117},"2025-11-24",{"date":165,"score":104,"percentile":166},"2025-11-25",0.70379,{"date":168,"score":104,"percentile":128},"2025-11-26",{"date":170,"score":104,"percentile":171},"2025-11-27",0.70382,{"date":173,"score":104,"percentile":174},"2025-11-28",0.70372,{"date":176,"score":104,"percentile":177},"2025-11-29",0.70359,{"date":179,"score":104,"percentile":180},"2025-11-30",0.70352,{"date":182,"score":104,"percentile":183},"2025-12-01",0.70494,{"date":185,"score":104,"percentile":186},"2025-12-02",0.70506,{"date":188,"score":104,"percentile":189},"2025-12-03",0.70503,{"date":191,"score":104,"percentile":192},"2025-12-04",0.70354,{"date":194,"score":104,"percentile":195},"2025-12-05",0.70367,{"date":197,"score":104,"percentile":198},"2025-12-06",0.70371,{"date":200,"score":104,"percentile":201},"2025-12-07",0.7037,{"date":203,"score":104,"percentile":117},"2025-12-08",{"date":205,"score":104,"percentile":206},"2025-12-09",0.70405,{"date":208,"score":104,"percentile":209},"2025-12-10",0.70443,{"date":211,"score":104,"percentile":212},"2025-12-11",0.70465,{"date":214,"score":104,"percentile":215},"2025-12-12",0.70491,{"date":217,"score":104,"percentile":218},"2025-12-13",0.70492,{"date":220,"score":104,"percentile":218},"2025-12-14",{"date":222,"score":104,"percentile":223},"2025-12-15",0.70487,{"date":225,"score":104,"percentile":183},"2025-12-16",{"date":227,"score":104,"percentile":228},"2025-12-17",0.7051,{"date":230,"score":104,"percentile":231},"2025-12-18",0.70535,{"date":233,"score":104,"percentile":234},"2025-12-19",0.7055,{"date":236,"score":104,"percentile":237},"2025-12-20",0.70548,{"date":239,"score":104,"percentile":240},"2025-12-21",0.70538,{"date":242,"score":104,"percentile":240},"2025-12-22",{"date":244,"score":104,"percentile":240},"2025-12-23",{"date":246,"score":104,"percentile":247},"2025-12-24",0.70547,{"date":249,"score":104,"percentile":250},"2025-12-25",0.7057,{"date":252,"score":104,"percentile":250},"2025-12-26",{"date":254,"score":255,"percentile":256},"2025-12-27",0.00595,0.68708,{"date":258,"score":104,"percentile":259},"2025-12-28",0.70543,{"date":261,"score":104,"percentile":262},"2025-12-29",0.70539,{"date":264,"score":104,"percentile":265},"2025-12-30",0.70553,{"date":267,"score":104,"percentile":268},"2025-12-31",0.70574,{"date":270,"score":104,"percentile":271},"2026-01-01",0.7073,{"date":273,"score":104,"percentile":274},"2026-01-02",0.70724,{"date":276,"score":104,"percentile":274},"2026-01-03",{"date":278,"score":104,"percentile":279},"2026-01-04",0.70577,{"date":281,"score":104,"percentile":282},"2026-01-05",0.70573,{"date":284,"score":104,"percentile":285},"2026-01-06",0.70578,{"date":287,"score":104,"percentile":288},"2026-01-07",0.70593,{"date":290,"score":104,"percentile":291},"2026-01-08",0.7061,{"date":293,"score":104,"percentile":294},"2026-01-09",0.70616,{"date":296,"score":104,"percentile":297},"2026-01-10",0.70617,{"date":299,"score":104,"percentile":291},"2026-01-11",{"date":301,"score":104,"percentile":302},"2026-01-12",0.706,{"date":304,"score":104,"percentile":305},"2026-01-13",0.70597,{"date":307,"score":104,"percentile":308},"2026-01-14",0.70623,{"date":310,"score":104,"percentile":311},"2026-01-15",0.70629,{"date":313,"score":104,"percentile":314},"2026-01-16",0.70647,{"date":316,"score":104,"percentile":317},"2026-01-17",0.70641,{"date":319,"score":104,"percentile":308},"2026-01-18",{"date":321,"score":104,"percentile":294},"2026-01-19",{"date":323,"score":104,"percentile":324},"2026-01-20",0.70624,{"date":326,"score":104,"percentile":327},"2026-01-21",0.70628,{"date":329,"score":104,"percentile":330},"2026-01-22",0.7064,{"date":332,"score":104,"percentile":333},"2026-01-23",0.70674,{"date":335,"score":104,"percentile":336},"2026-01-24",0.70678,{"date":338,"score":104,"percentile":339},"2026-01-25",0.70653,{"date":341,"score":104,"percentile":342},"2026-01-26",0.70648,{"date":344,"score":104,"percentile":345},"2026-01-27",0.70651,{"date":347,"score":104,"percentile":348},"2026-01-28",0.70666,{"date":350,"score":104,"percentile":351},"2026-01-29",0.70664,{"date":353,"score":104,"percentile":354},"2026-01-30",0.70672,{"date":356,"score":104,"percentile":357},"2026-01-31",0.70677,{"date":359,"score":104,"percentile":360},"2026-02-01",0.70808,[362],{"source":52,"cvss_v2_0":363,"cvss_v3_0":9,"cvss_v3_1":368,"cvss_v4_0":9},{"baseScore":364,"baseSeverity":9,"vectorString":365,"impactScore":366,"exploitabilityScore":367},4.3,"AV:N/AC:M/Au:N/C:N/I:N/A:P",2.9,8.6,{"baseScore":50,"baseSeverity":369,"vectorString":53,"impactScore":370,"exploitabilityScore":371},"MEDIUM",6,4.6,[373,384,392],{"ecosystem":9,"name":374,"vendor":375,"product":376,"cpe_part":377,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":378},"ubuntu linux","canonical","ubuntu_linux","o",[379,382],{"version":380,"is_range":46,"range_type":381,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.04","cpe",{"version":383,"is_range":46,"range_type":381,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.10",{"ecosystem":9,"name":385,"vendor":386,"product":385,"cpe_part":377,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":387},"fedora","fedoraproject",[388,390],{"version":389,"is_range":46,"range_type":381,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"33",{"version":391,"is_range":46,"range_type":381,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34",{"ecosystem":9,"name":393,"vendor":394,"product":393,"cpe_part":395,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":396},"gdk-pixbuf","gnome","a",[397],{"version":398,"is_range":399,"range_type":381,"version_start":400,"version_start_type":401,"version_end":402,"version_end_type":401,"fixed_in":9},"gt2.39.2_lt2.42.2",true,"2.39.2","excluding","2.42.2"]