Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-17230

Опубликовано: 19 сент. 2018
Источник: debian

Описание

Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
exiv2not-affectedpackage

Примечания

  • https://github.com/Exiv2/exiv2/issues/455

  • Introduced in: https://github.com/Exiv2/exiv2/commit/3d57bbc6e6036723df3c7da352e40267c90d1640

  • Fixed by: https://github.com/Exiv2/exiv2/commit/afb98cbc6e288dc8ea75f3394a347fb9b37abc55

  • Some extra care needs to be applied when fixing isolately the issue in

  • experimental, as the commit afb98cbc6e288dc8ea75f3394a347fb9b37abc55

  • would introduce/uncover CVE-2018-17282.

Связанные уязвимости

ubuntu логотип

CVE-2018-17230

CVSS3: 6.5
ubuntu
почти 7 лет назад

Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.

redhat логотип

CVE-2018-17230

CVSS3: 3.3
redhat
почти 7 лет назад

Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.

nvd логотип

CVE-2018-17230

CVSS3: 6.5
nvd
почти 7 лет назад

Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.

github логотип

GHSA-crvf-2mp8-85gm

CVSS3: 6.5
github
около 3 лет назад

Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.

suse-cvrf логотип

openSUSE-SU-2020:0482-1

suse-cvrf
больше 5 лет назад

Security update for exiv2