Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-20096

Опубликовано: 12 дек. 2018
Источник: nvd
CVSS3: 6.5
CVSS2: 4.3
EPSS Низкий

Описание

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:exiv2:exiv2:0.27:rc3:*:*:*:*:*:*

EPSS

Процентиль: 79%
0.01305
Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2018-20096

CVSS3: 6.5
ubuntu
больше 6 лет назад

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

redhat логотип

CVE-2018-20096

CVSS3: 3.3
redhat
больше 6 лет назад

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

debian логотип

CVE-2018-20096

CVSS3: 6.5
debian
больше 6 лет назад

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf fun ...

github логотип

GHSA-7vjg-25hq-7fgh

CVSS3: 6.5
github
около 3 лет назад

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

oracle-oval логотип

ELSA-2019-2101

oracle-oval
почти 6 лет назад

ELSA-2019-2101: exiv2 security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 79%
0.01305
Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125