CVE-2011-0020
CVE-2011-0020 is a high-severity vulnerability in Gnome Pango with a CVSS 2.0 base score of 7.6. Its EPSS exploit-prediction score of 19% places it in the 97th percentile, indicating an elevated likelihood of exploitation. The underlying weakness is classified as CWE-119.
Key facts
- Severity: High (CVSS 2.0 base score 7.6)
- EPSS exploit prediction: 19% (97th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-119
- Affected product: Gnome Pango
- Published:
- Last modified:
Description
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
Frequently asked questions
- What is CVE-2011-0020?
- Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
- How severe is CVE-2011-0020?
- CVE-2011-0020 has a CVSS 2.0 base score of 7.6, rated high severity.
- Is CVE-2011-0020 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 19% (97th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2011-0020?
- CVE-2011-0020 primarily affects Gnome Pango. In total, 39 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2011-0020?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2011-0020 published?
- CVE-2011-0020 was published on 2011-01-24 and last updated on 2026-06-16.
References
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
- http://openwall.com/lists/oss-security/2011/01/18/6
- http://openwall.com/lists/oss-security/2011/01/20/2
- http://osvdb.org/70596
- http://secunia.com/advisories/42934
- http://secunia.com/advisories/43100
- http://www.redhat.com/support/errata/RHSA-2011-0180.html
- http://www.securityfocus.com/bid/45842
- http://www.securitytracker.com/id?1024994
- http://www.vupen.com/english/advisories/2011/0186
- http://www.vupen.com/english/advisories/2011/0238
- https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/696616
- https://bugzilla.gnome.org/show_bug.cgi?id=639882
- https://bugzilla.redhat.com/show_bug.cgi?id=671122
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64832
Affected products (39)
- cpe:2.3:a:gnome:pango:*:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:pango:1.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:pango:1.28.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnome:pango:1.28.2:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:0.20:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:0.21:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:0.22:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:0.23:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:0.24:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:0.25:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:0.26:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.10:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.14:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.15:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.16:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.17:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.18:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.19:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.20:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.21:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.22:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.23:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.24:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.25:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.26:*:*:*:*:*:*:*
- cpe:2.3:a:pango:pango:1.27:*:*:*:*:*:*:*
More vulnerabilities in Gnome Pango
- CVE-2019-1010238 — Critical (CVSS 9.8): Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used…
- CVE-2011-3193 — Critical (CVSS 9.3): Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt…
- CVE-2011-0064 — Medium (CVSS 6.8): The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does…
- CVE-2018-15120 — Medium (CVSS 6.5): libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a…
- CVE-2010-0421 — Medium (CVSS 4.3): Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before…
All CVEs affecting Gnome Pango →
Other CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) vulnerabilities
- CVE-2026-2778 — Critical (CVSS 10.0): Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in…
- CVE-2026-2776 — Critical (CVSS 10.0): Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability…
- CVE-2025-1866 — Critical (CVSS 10.0): Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows…
- CVE-2022-27625 — Critical (CVSS 10.0): A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the…
- CVE-2022-27624 — Critical (CVSS 10.0): A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the…
- CVE-2020-11896 — Critical (CVSS 10.0): The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.