CVE-2018-10780

Опубликовано: 07 мая 2018

Источник: debian

EPSS Низкий

Описание

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.

Пакет	Статус	Версия исправления	Релиз	Тип
exiv2	not-affected			package

https://bugzilla.redhat.com/show_bug.cgi?id=1575201
Commit https://github.com/Exiv2/exiv2/commit/74cb5bab132ed76adf15df172c5e8b58cddaa96c
adresses an overflow, but not solving the invalid write of size 1 via
Exiv2::Image::printIFDStructure.
Commit https://github.com/Exiv2/exiv2/commit/8ff26931e31bb25d66c69846f47f3f5b6d9a32f1
avoids using Image::printStructure() when reading images.

EPSS

Процентиль: 47%

0.00238

Низкий

CVE-2018-10780

CVSS3: 6.5

ubuntu

почти 8 лет назад

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.

CVE-2018-10780

CVSS3: 3.3

redhat

почти 8 лет назад

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.

CVE-2018-10780

CVSS3: 6.5

nvd

почти 8 лет назад

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.

GHSA-v22h-x6qx-4mwj

CVSS3: 6.5

github

больше 3 лет назад

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.

EPSS

Процентиль: 47%

0.00238

Низкий