CVE-2018-14338

Опубликовано: 17 июл. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.8

CVSS3: 8.1

Описание

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected]
esm-infra/bionic	not-affected
esm-infra/xenial	not-affected
precise/esm	DNE
trusty	not-affected
trusty/esm	DNE	trusty was not-affected
upstream	needs-triage

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2018-14338

EPSS

Процентиль: 61%

0.00414

Низкий

6.8 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

CVE-2018-14338

CVSS3: 3.3

redhat

около 7 лет назад

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

CVE-2018-14338

CVSS3: 8.1

nvd

около 7 лет назад

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

CVE-2018-14338

CVSS3: 8.1

debian

около 7 лет назад

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realp ...

GHSA-vcrp-2wmj-jrg8

CVSS3: 8.1

github

около 3 лет назад

samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.

RLSA-2020:1577

rocky

больше 5 лет назад

Moderate: exiv2 security, bug fix, and enhancement update

EPSS

Процентиль: 61%

0.00414

Низкий

6.8 Medium

CVSS2

8.1 High

CVSS3

CVE-2018-14338

Описание

Пакет exiv2

Ссылки на источники

Связанные уязвимости