Описание
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
Затронутые пакеты
Платформа | Пакет | Состояние | Рекомендация | Релиз |
---|---|---|---|---|
Red Hat Enterprise Linux 6 | exiv2 | Out of support scope | ||
Red Hat Enterprise Linux 7 | exiv2 | Fix deferred | ||
Red Hat Enterprise Linux 8 | exiv2 | Fixed | RHSA-2020:1577 | 28.04.2020 |
Red Hat Enterprise Linux 8 | gegl | Fixed | RHSA-2020:1577 | 28.04.2020 |
Red Hat Enterprise Linux 8 | gnome-color-manager | Fixed | RHSA-2020:1577 | 28.04.2020 |
Red Hat Enterprise Linux 8 | libgexiv2 | Fixed | RHSA-2020:1577 | 28.04.2020 |
Показывать по
Дополнительная информация
Статус:
3.3 Low
CVSS3
Связанные уязвимости
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
Exiv2 through 0.27.1 allows an attacker to cause a denial of service ( ...
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
Уязвимость библиотеки для управления метаданными медиафайлов Exiv2, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
3.3 Low
CVSS3