How severe is CVE-2020-18899?

CVE-2020-18899 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2020-18899

Name: exiv2
Author: exiv2

6.5MEDIUM

An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.

Publicado: 8/19/2021Actualizado: 11/21/2024

Descripción

An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.

Análisis IAImpulsado por IA

Productos Afectados

exiv2exiv2

0.27

Referencias

https://cwe.mitre.org/data/definitions/789.html
Technical Description
https://github.com/Exiv2/exiv2/issues/742
ExploitIssue TrackingThird Party Advisory
https://security.gentoo.org/glsa/202312-06
https://cwe.mitre.org/data/definitions/789.html
Technical Description
https://github.com/Exiv2/exiv2/issues/742
ExploitIssue TrackingThird Party Advisory
https://security.gentoo.org/glsa/202312-06