CVE-2018-20030 - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

CVE-2018-20030 (NVD)

2019-02-20

An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU resources.

Products	Libexif
Type	Uncontrolled Resource Consumption (CWE-400)
First patch	https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89
Relevant file/s	• ./NEWS (modified, +1) • ./libexif/exif-data.c (modified, +37, -8)
Links	• http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00000.html • https://lists.debian.org/debian-lts-announce/2020/05/msg00025.html • https://secuniaresearch.flexerasoftware.com/secunia_research/2018-28/ • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html • https://usn.ubuntu.com/4358-1/ More/Less (1) • https://lists.debian.org/debian-lts-announce/2020/05/msg00016.html

libexif - Tree: 6aa11df549

(? files)

Filter Settings

All Files

Relevant Files

Vulnerable Files

Patched Files

Files

VS-Dark VS-Bright Monokai Darcula

Navigation

Patch data:

(on by default)

Patched area: