Published: 19/08/2021 Updated: 26/10/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote malicious users to cause a denial of service (DOS) via a crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
exiv2 exiv2 0.27

Synopsis Moderate: exiv2 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for exiv2 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this ...

Synopsis Moderate: compat-exiv2-026 security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for compat-exiv2-026 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this upd ...

A stack exhaustion issue in the printIFDStructure function of Exiv2 027 allows remote attackers to cause a denial of service (DOS) via a crafted file ...

CWE-674 https://github.com/Exiv2/exiv2/issues/741 https://cwe.mitre.org/data/definitions/674.html https://access.redhat.com/errata/RHSA-2022:1842 https://nvd.nist.gov

CVE-2020-18898

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect