{"id":"CVE-2021-20307","details":"Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary memory values.","modified":"2026-04-16T04:36:56.410257578Z","published":"2021-04-05T22:15:12.883Z","related":["openSUSE-SU-2024:10968-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVJRXUOBN56ZWP6QQ3NTA6DIFZMDZAEQ/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JE6YZSXNVD6WZ3AG3ENL2DIHQFF24LYX/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VYDYBKHT2MNMQCUMAVJNZW4VH6MD5BOF/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00010.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202107-47"},{"type":"ADVISORY","url":"https://sourceforge.net/projects/panotools/files/libpano13/libpano13-2.9.20/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946284"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.9.19"}]},{"events":[{"introduced":"0"},{"last_affected":"2.9.20-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"2.9.20-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-20307.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}