Published: 21/05/2020 Updated: 27/01/2023

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

An issue exists in libexif prior to 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libexif project libexif
debian debian linux 8.0
canonical ubuntu linux 18.04
canonical ubuntu linux 14.04
canonical ubuntu linux 19.10
canonical ubuntu linux 20.04
canonical ubuntu linux 16.04
canonical ubuntu linux 12.04
opensuse leap 15.1

Debian Bug report logs - #961407 libexif: CVE-2020-13112 Package: src:libexif; Maintainer for src:libexif is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 24 May 2020 09:33:01 UTC Severity: important Tags: pending, securi ...

Several security issues were fixed in libexif ...

Synopsis Moderate: libexif security update Type/Severity Security Advisory: Moderate Topic An update for libexif is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...

Synopsis Moderate: libexif security update Type/Severity Security Advisory: Moderate Topic An update for libexif is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, wh ...

Synopsis Moderate: libexif security update Type/Severity Security Advisory: Moderate Topic An update for libexif is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...

Synopsis Moderate: libexif security update Type/Severity Security Advisory: Moderate Topic An update for libexif is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, wh ...

Synopsis Moderate: libexif security update Type/Severity Security Advisory: Moderate Topic An update for libexif is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, wh ...

An issue was discovered in libexif before 0622 Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes This is different from CVE-2020-0093 (CVE-2020-13112) ...

Severity Unknown Remote Unknown Type Unknown Description AVG-1166 libexif 0621-1 0622-1 Unknown Vulnerable ...

CWE-125 https://github.com/libexif/libexif/commit/435e21f05001fb03f9f186fa7cbc69454afd00d1 https://lists.debian.org/debian-lts-announce/2020/05/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html https://usn.ubuntu.com/4396-1/https://security.gentoo.org/glsa/202007-05 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961407 https://usn.ubuntu.com/4396-1/https://nvd.nist.gov

CVE-2020-13112

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect