CVE-2018-19535

Опубликовано: 26 нояб. 2018

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.5

Описание

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

Релиз	Статус	Примечание
bionic	released	0.25-3.1ubuntu0.18.04.3
cosmic	released	0.25-4ubuntu0.2
devel	released	0.25-4ubuntu2
disco	released	0.25-4ubuntu1.1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was needed]
esm-infra/bionic	not-affected	0.25-3.1ubuntu0.18.04.3
esm-infra/xenial	not-affected	0.25-2.1ubuntu16.04.4
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 58%

0.00365

Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2018-19535

CVSS3: 3.3

redhat

почти 7 лет назад

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

CVE-2018-19535

CVSS3: 6.5

nvd

больше 6 лет назад

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

CVE-2018-19535

CVSS3: 6.5

debian

больше 6 лет назад

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngch ...

SUSE-SU-2023:4070-1

suse-cvrf

почти 2 года назад

Security update for exiv2

GHSA-wqpp-rgmm-jc7x

CVSS3: 6.5

github

около 3 лет назад

In Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.

EPSS

Процентиль: 58%

0.00365

Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2018-19535

Описание

Пакет exiv2

Ссылки на источники

Связанные уязвимости