Published: 20/02/2019 Updated: 11/06/2020

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

It exists that libexif incorrectly handled certain tags. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-20030)

Vulnerable Product	Search on Vulmon	Subscribe to Product
libexif project libexif 0.6.21

Debian Bug report logs - #918730 libexif: CVE-2018-20030: Input validation issue resulting in a denial of service Package: src:libexif; Maintainer for src:libexif is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 8 Jan 201 ...

Several security issues were fixed in libexif ...

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem When the candidate has been publicized, the details for this candidate will be provided ...

Severity Unknown Remote Unknown Type Unknown Description AVG-1166 libexif 0621-1 0622-1 Unknown Vulnerable ...

CWE-400 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-28/https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00000.html https://lists.debian.org/debian-lts-announce/2020/05/msg00016.html https://usn.ubuntu.com/4358-1/https://lists.debian.org/debian-lts-announce/2020/05/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918730 https://usn.ubuntu.com/4358-1/https://nvd.nist.gov

CVE-2018-20030

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect