Every CVE whose affected-product data names Gnu Gnash, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2012-1175 — CVSS 6.8 (medium): Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of…
CVE-2011-4328 — CVSS 5.0 (medium): plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp…
CVE-2010-4337 — CVSS 3.3 (low): The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-err…