How severe is CVE-2020-18899?

CVE-2020-18899 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2020-18899

Name: exiv2
Author: exiv2

6.5MEDIUM

An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.

게시됨: 8/19/2021업데이트됨: 11/21/2024

설명

An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.

AI 분석AI 기반

영향받는 제품

exiv2exiv2

0.27

참조

https://cwe.mitre.org/data/definitions/789.html
Technical Description
https://github.com/Exiv2/exiv2/issues/742
ExploitIssue TrackingThird Party Advisory
https://security.gentoo.org/glsa/202312-06
https://cwe.mitre.org/data/definitions/789.html
Technical Description
https://github.com/Exiv2/exiv2/issues/742
ExploitIssue TrackingThird Party Advisory
https://security.gentoo.org/glsa/202312-06