Описание
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 0.25-3.1ubuntu0.17.10.1 |
| bionic | released | 0.25-3.1ubuntu0.18.04.1 |
| devel | not-affected | 0.25-4 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [0.23-1ubuntu2.1]] |
| esm-infra/bionic | not-affected | 0.25-3.1ubuntu0.18.04.1 |
| esm-infra/xenial | not-affected | 0.25-2.1ubuntu16.04.2 |
| precise/esm | DNE | |
| trusty | released | 0.23-1ubuntu2.1 |
| trusty/esm | DNE | trusty was released [0.23-1ubuntu2.1] |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in prev ...
Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
Уязвимость класса LoaderExifJpeg библиотеки для управления метаданными медиафайлов Exiv2, позволяющая нарушителю выполнить произвольный код
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3