Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-20098

Опубликовано: 12 дек. 2018
Источник: debian

Описание

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
exiv2unfixedexperimentalpackage
exiv2not-affectedpackage

Примечания

  • https://github.com/Exiv2/exiv2/issues/590

  • https://github.com/Exiv2/exiv2/commit/eff0f52d0466d81beabf304e2500f3039fd90252

  • https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206

Связанные уязвимости

ubuntu логотип

CVE-2018-20098

CVSS3: 6.5
ubuntu
больше 6 лет назад

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

redhat логотип

CVE-2018-20098

CVSS3: 3.3
redhat
больше 6 лет назад

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

nvd логотип

CVE-2018-20098

CVSS3: 6.5
nvd
больше 6 лет назад

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

github логотип

GHSA-hr7m-h86m-ppmr

CVSS3: 6.5
github
около 3 лет назад

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

suse-cvrf логотип

SUSE-SU-2022:4276-1

suse-cvrf
больше 2 лет назад

Security update for exiv2