CVE-2018-20099

Опубликовано: 12 дек. 2018

Источник: debian

EPSS Низкий

Описание

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
exiv2	unfixed		experimental	package
exiv2	not-affected			package

Примечания

https://github.com/Exiv2/exiv2/issues/590
https://github.com/Exiv2/exiv2/commit/eff0f52d0466d81beabf304e2500f3039fd90252

EPSS

Процентиль: 64%

0.00468

Низкий

Связанные уязвимости

CVE-2018-20099

CVSS3: 6.5

ubuntu

больше 6 лет назад

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

CVE-2018-20099

CVSS3: 3.3

redhat

больше 6 лет назад

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

CVE-2018-20099

CVSS3: 6.5

nvd

больше 6 лет назад

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

GHSA-wr4g-wr5g-w9c8

CVSS3: 6.5

github

около 3 лет назад

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

SUSE-SU-2022:4276-1

suse-cvrf

больше 2 лет назад

Security update for exiv2

EPSS

Процентиль: 64%

0.00468

Низкий