Описание
metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | metadata-extractor | Out of support scope | ||
| Red Hat Fuse 7 | metadata-extractor | Fix deferred | ||
| Red Hat Integration Camel K 1 | metadata-extractor | Fix deferred | ||
| Red Hat Integration Camel Quarkus 1 | metadata-extractor | Fix deferred | ||
| Red Hat JBoss BRMS 5 | metadata-extractor | Out of support scope | ||
| Red Hat JBoss BRMS 6 | metadata-extractor | Out of support scope | ||
| Red Hat JBoss Data Virtualization 6 | metadata-extractor | Out of support scope | ||
| Red Hat JBoss Fuse 6 | metadata-extractor | Out of support scope | ||
| Red Hat JBoss Fuse Service Works 6 | metadata-extractor | Out of support scope |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library.
metadata-extractor up to 2.16.0 can throw various uncaught exceptions while parsing a specially crafted JPEG file, which could result in an application crash. This could be used to mount a denial of service attack against services that use metadata-extractor library.
metadata-extractor up to 2.16.0 can throw various uncaught exceptions ...
Improper Handling of Exceptional Conditions inn metadata-extractor
EPSS
5.5 Medium
CVSS3