CVE-2020-13112

Опубликовано: 21 мая 2020

Источник: debian

EPSS Низкий

Описание

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libexif	fixed	0.6.21-9		package
libexif	fixed	0.6.21-5.1+deb10u3	buster	package
libexif	fixed	0.6.21-2+deb9u3	stretch	package

Примечания

https://github.com/libexif/libexif/commit/435e21f05001fb03f9f186fa7cbc69454afd00d1 (0.6.22)

EPSS

Процентиль: 76%

0.00978

Низкий

Связанные уязвимости

CVE-2020-13112

CVSS3: 9.1

ubuntu

больше 5 лет назад

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

CVE-2020-13112

CVSS3: 9.1

redhat

больше 5 лет назад

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

CVE-2020-13112

CVSS3: 9.1

nvd

больше 5 лет назад

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

GHSA-4pxw-3px9-5fg9

CVSS3: 9.1

github

больше 3 лет назад

An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

ELSA-2020-2550

oracle-oval

больше 5 лет назад

ELSA-2020-2550: libexif security update (MODERATE)

EPSS

Процентиль: 76%

0.00978

Низкий