CVE-2020-18899
6.5MEDIUMAn uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.
Veröffentlicht: 8/19/2021Aktualisiert: 11/21/2024
Beschreibung
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.
KI-AnalyseKI-gestützt
Betroffene Produkte
exiv2exiv2
0.27
Referenzen
- https://cwe.mitre.org/data/definitions/789.htmlTechnical Description
- https://github.com/Exiv2/exiv2/issues/742ExploitIssue TrackingThird Party Advisory
- https://security.gentoo.org/glsa/202312-06
- https://cwe.mitre.org/data/definitions/789.htmlTechnical Description
- https://github.com/Exiv2/exiv2/issues/742ExploitIssue TrackingThird Party Advisory
- https://security.gentoo.org/glsa/202312-06