Описание
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file.
The exiv2 program is susceptible to a stack exhaustion issue via a crafted file. The cause of this vulnerability, is due to a flaw in the code which could allow remote attackers to cause a denial of service (DOS). The highest threat from this vulnerability is availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | exiv2 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-exiv2-023 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compat-exiv2-026 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | exiv2 | Out of support scope | ||
| Red Hat Enterprise Linux 9 | exiv2 | Not affected | ||
| Red Hat Enterprise Linux 8 | compat-exiv2-026 | Fixed | RHSA-2022:1797 | 10.05.2022 |
| Red Hat Enterprise Linux 8 | exiv2 | Fixed | RHSA-2022:1842 | 10.05.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file.
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote attackers to cause a denial of service (DOS) via a crafted file.
A stack exhaustion issue in the printIFDStructure function of Exiv2 0. ...
EPSS
6.5 Medium
CVSS3