CVE-2018-19535

Опубликовано: 26 нояб. 2018

Источник: debian

EPSS Низкий

Описание

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
exiv2	fixed	0.27.2-6		package
exiv2	ignored		stretch	package

Примечания

https://github.com/Exiv2/exiv2/issues/428
https://github.com/Exiv2/exiv2/pull/430

EPSS

Процентиль: 57%

0.00358

Низкий

Связанные уязвимости

CVE-2018-19535

CVSS3: 6.5

ubuntu

около 7 лет назад

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

CVE-2018-19535

CVSS3: 3.3

redhat

больше 7 лет назад

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

CVE-2018-19535

CVSS3: 6.5

nvd

около 7 лет назад

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

SUSE-SU-2023:4070-1

suse-cvrf

около 2 лет назад

Security update for exiv2

GHSA-wqpp-rgmm-jc7x

CVSS3: 6.5

github

больше 3 лет назад

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

EPSS

Процентиль: 57%

0.00358

Низкий