How severe is CVE-2020-18899?

CVE-2020-18899 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2020-18899

Name: exiv2
Author: exiv2

6.5MEDIUM

An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.

Published: 8/19/2021Updated: 11/21/2024

Description

An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.

AI AnalysisPowered by AI

Affected Products

exiv2exiv2

0.27

References

https://cwe.mitre.org/data/definitions/789.html
Technical Description
https://github.com/Exiv2/exiv2/issues/742
ExploitIssue TrackingThird Party Advisory
https://security.gentoo.org/glsa/202312-06
https://cwe.mitre.org/data/definitions/789.html
Technical Description
https://github.com/Exiv2/exiv2/issues/742
ExploitIssue TrackingThird Party Advisory
https://security.gentoo.org/glsa/202312-06