Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-20421

Опубликовано: 27 янв. 2020
Источник: debian
EPSS Низкий

Описание

In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
exiv2fixed0.27.2-8package
exiv2ignoredjessiepackage

Примечания

  • https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8

  • https://github.com/Exiv2/exiv2/issues/1011

EPSS

Процентиль: 84%
0.0242
Низкий

Связанные уязвимости

CVSS3: 7.5
ubuntu
больше 5 лет назад

In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

CVSS3: 7.5
redhat
почти 6 лет назад

In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

CVSS3: 7.5
nvd
больше 5 лет назад

In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

CVSS3: 7.5
msrc
больше 3 лет назад

Описание отсутствует

github
около 3 лет назад

In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

EPSS

Процентиль: 84%
0.0242
Низкий