CVE-2018-14338

Опубликовано: 17 июл. 2018

Источник: debian

EPSS Низкий

Описание

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
exiv2	unfixed			package

Примечания

https://github.com/Exiv2/exiv2/issues/382
Issue in example code of Exiv2

EPSS

Процентиль: 61%

0.00414

Низкий

Связанные уязвимости

CVE-2018-14338

CVSS3: 8.1

ubuntu

около 7 лет назад

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

CVE-2018-14338

CVSS3: 3.3

redhat

около 7 лет назад

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

CVE-2018-14338

CVSS3: 8.1

nvd

около 7 лет назад

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

GHSA-vcrp-2wmj-jrg8

CVSS3: 8.1

github

около 3 лет назад

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

RLSA-2020:1577

rocky

больше 5 лет назад

Moderate: exiv2 security, bug fix, and enhancement update

EPSS

Процентиль: 61%

0.00414

Низкий