CVE-2016-6328
HIGH8.1EPSS 0.57%libexif - security update
發布日:2018/10/31修改日:2025/11/19
也稱為:ALPINE-CVE-2016-6328DEBIAN-CVE-2016-6328
描述
A vulnerability was found in libexif. An integer overflow when parsing the MNOTE entry data of the input file. This can cause Denial-of-Service (DoS) and Information Disclosure (disclosing some critical heap chunk metadata, even other applications' private data).
受影響套件(3)
- Alpine/libexiffrom 0, < 0.6.22-r0
- Debian/libexiffrom 0, < 0.6.21-2.1
- Debian/libexiffrom 0, < 0.6.21-2+deb8u2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |