CVE-2018-20030

Published: Feb 20, 2019

Modified: Sep 17, 2024

PUBLISHED

Description

An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.

Vendor	Product	Versions
Flexera Software LLC	libexif	affected `0.6.21`

References

https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89

x_refsource_MISC

https://secuniaresearch.flexerasoftware.com/secunia_research/2018-28/

x_refsource_MISC

openSUSE-SU-2020:0264

vendor-advisory

x_refsource_SUSE

[debian-lts-announce] 20200518 [SECURITY] [DLA 2214-1] libexif security update

mailing-list

x_refsource_MLIST

USN-4358-1

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20200528 [SECURITY] [DLA 2222-1] libexif security update

mailing-list

x_refsource_MLIST

openSUSE-SU-2020:0793

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-20030

Description

Affected Products

References