Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-10112

Опубликовано: 16 апр. 2018
Источник: debian
EPSS Низкий

Описание

An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
geglunfixedpackage

Примечания

  • https://bugzilla.gnome.org/show_bug.cgi?id=795249

  • https://gitlab.gnome.org/GNOME/gegl/issues/65

  • https://github.com/xiaoqx/pocs/tree/master/gegl#4-gegl-outbound-write-2

  • Architectual API limitation, negligible security impact

EPSS

Процентиль: 59%
0.00379
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-10112

CVSS3: 8.8
ubuntu
почти 8 лет назад

An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46.

redhat логотип

CVE-2018-10112

CVSS3: 7.8
redhat
почти 8 лет назад

An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46.

nvd логотип

CVE-2018-10112

CVSS3: 8.8
nvd
почти 8 лет назад

An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46.

github логотип

GHSA-x849-69h5-g6m5

CVSS3: 8.8
github
больше 3 лет назад

An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other impact via a malformed PNG file that is mishandled during a call to the babl_format_get_bytes_per_pixel function in babl-format.c in babl 0.1.46.

EPSS

Процентиль: 59%
0.00379
Низкий