{"id":"USN-6472-1","summary":"gsl vulnerability","details":"It was discovered that GNU Scientific Library incorrectly handled certain\ninputs. If a user or an automated system were tricked into opening a specially\ncrafted input file, a remote attacker could possibly use this issue to cause a\ndenial of service or execute arbitrary code.\n","modified":"2026-04-27T16:40:15.724040Z","published":"2023-11-07T07:58:02Z","related":["UBUNTU-CVE-2020-35357"],"upstream":["CVE-2020-35357","UBUNTU-CVE-2020-35357"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6472-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-35357"}],"affected":[{"package":{"name":"gsl","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/gsl@2.1+dfsg-2ubuntu0.1~esm1?arch=source&distro=esm-infra/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1+dfsg-2ubuntu0.1~esm1"}]}],"versions":["1.16+dfsg-4","2.0+dfsg-1ubuntu1","2.1+dfsg-2"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_name":"gsl-bin","binary_version":"2.1+dfsg-2ubuntu0.1~esm1"},{"binary_name":"libgsl2","binary_version":"2.1+dfsg-2ubuntu0.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6472-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:16.04:LTS","cves":[{"id":"CVE-2020-35357","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}]}}},{"package":{"name":"gsl","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/gsl@2.4+dfsg-6ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4+dfsg-6ubuntu0.1~esm1"}]}],"versions":["2.4+dfsg-6"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"gsl-bin","binary_version":"2.4+dfsg-6ubuntu0.1~esm1"},{"binary_name":"libgsl23","binary_version":"2.4+dfsg-6ubuntu0.1~esm1"},{"binary_name":"libgslcblas0","binary_version":"2.4+dfsg-6ubuntu0.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6472-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:18.04:LTS","cves":[{"id":"CVE-2020-35357","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}]}}},{"package":{"name":"gsl","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/gsl@2.5+dfsg-6+deb10u1build0.20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5+dfsg-6+deb10u1build0.20.04.1"}]}],"versions":["2.5+dfsg-6","2.5+dfsg-6build1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"gsl-bin","binary_version":"2.5+dfsg-6+deb10u1build0.20.04.1"},{"binary_name":"libgsl23","binary_version":"2.5+dfsg-6+deb10u1build0.20.04.1"},{"binary_name":"libgslcblas0","binary_version":"2.5+dfsg-6+deb10u1build0.20.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6472-1.json","cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2020-35357","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}]}}},{"package":{"name":"gsl","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/gsl@2.7.1+dfsg-3ubuntu0.22.04.1~esm1?arch=source&distro=esm-apps/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.1+dfsg-3ubuntu0.22.04.1~esm1"}]}],"versions":["2.6+dfsg-2","2.7.1+dfsg-3"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"gsl-bin","binary_version":"2.7.1+dfsg-3ubuntu0.22.04.1~esm1"},{"binary_name":"libgsl27","binary_version":"2.7.1+dfsg-3ubuntu0.22.04.1~esm1"},{"binary_name":"libgslcblas0","binary_version":"2.7.1+dfsg-3ubuntu0.22.04.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6472-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:22.04:LTS","cves":[{"id":"CVE-2020-35357","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}]}}}],"schema_version":"1.7.5"}