Back to search
CVE-2018-20096
Published: Dec 12, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/Exiv2/exiv2/issues/590
x_refsource_MISC
https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206
x_refsource_MISC
FEDORA-2019-c9cbbbb5c0
vendor-advisory
x_refsource_FEDORA
RHSA-2019:2101
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now