Описание
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
Отчет
This issue affects the versions of exiv2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Low, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
Затронутые пакеты
Платформа | Пакет | Состояние | Рекомендация | Релиз |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | exiv2 | Will not fix | ||
Red Hat Enterprise Linux 7 | exiv2 | Fixed | RHSA-2019:2101 | 06.08.2019 |
Red Hat Enterprise Linux 8 | exiv2 | Fixed | RHSA-2020:1577 | 28.04.2020 |
Red Hat Enterprise Linux 8 | gegl | Fixed | RHSA-2020:1577 | 28.04.2020 |
Red Hat Enterprise Linux 8 | gnome-color-manager | Fixed | RHSA-2020:1577 | 28.04.2020 |
Red Hat Enterprise Linux 8 | libgexiv2 | Fixed | RHSA-2020:1577 | 28.04.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has e ...
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
Уязвимость компонента crwimage_int.cpp библиотеки для управления метаданными медиафайлов Exiv2, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
3.3 Low
CVSS3