{"id":"CVE-2020-13152","details":"A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will trigger a memory leak, whereby Amarok 2.8.0 continue to waste resources over time, eventually allows attackers to cause a denial of service.","modified":"2026-04-10T04:28:27.580144Z","published":"2020-05-20T13:15:09.847Z","references":[{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/159898/Amarok-2.8.0-Denial-Of-Service.html"},{"type":"EVIDENCE","url":"https://r00texpl0it.wordpress.com/2020/05/20/kde-amarok-2-8-0-allows-remote-attackers-to-cause-a-denial-of-service/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kde/amarok","events":[{"introduced":"0"},{"last_affected":"8e0cd7732bbbc7393defce4450312c6b3c7e656b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.8.0"}]}}],"versions":["v0.6-91","v0.8.2","v0.9-beta3","v0.9.0","v1.0-beta1","v1.0-beta1_new","v1.0-beta2","v1.0-beta4","v1.1-beta2","v1.1.0","v1.1.1","v1.2-beta1","v1.2-beta2","v1.2-beta3","v1.2.0","v1.2.1","v1.2.2","v1.2.3","v1.3-beta2","v1.3-beta3","v1.3.0","v1.3.1","v1.4-beta1","v1.4-beta2","v1.4-beta3","v1.4-horizontalContext","v1.4.0","v1.4.1","v1.4.1-beta1","v1.4.2","v1.4.2-beta1","v1.4.4","v1.4.5","v1.80","v1.90","v1.90.1","v1.92","v1.92.1","v1.92.2","v1.94","v1.98","v2.0-alpha1","v2.0-alpha2","v2.0-beta1","v2.0.1","v2.0.90","v2.0.96","v2.1.1","v2.1.80","v2.1.85","v2.1.90","v2.2.0","v2.2.1","v2.2.1.90","v2.2.2","v2.3.0","v2.3.0.90","v2.3.1","v2.3.1.90","v2.3.2","v2.3.90","v2.4.0","v2.4.0.90","v2.4.1","v2.4.1.90","v2.4.90","v2.5.0","v2.5.90","v2.5.95","v2.5.96","v2.6.90","v2.7.0","v2.7.90","v2.8.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13152.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}