Published: 20/02/2019 Updated: 28/05/2020
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.

Vulnerability Trend

Affected Products

Vendor Product Versions
Libexif ProjectLibexif0.6.21

Vendor Advisories

Debian Bug report logs - #918730 libexif: CVE-2018-20030: Input validation issue resulting in a denial of service Package: src:libexif; Maintainer for src:libexif is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 8 Jan 201 ...
Several security issues were fixed in libexif ...
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem When the candidate has been publicized, the details for this candidate will be provided ...
Severity Unknown Remote Unknown Type Unknown Description AVG-1166 libexif 0621-1 0622-1 Unknown Vulnerable ...

Mailing Lists

====================================================================== Secunia Research 2018/12/13 libexif EXIF_IFD_INTEROPERABILITY / EXIF_IFD_EXIF Denial of Service Vulnerability ====================================================================== Table ...