CVE-2018-10958
MEDIUM6.5EPSS 1.6%exiv2 - security update
發布日:2018/5/10修改日:2026/3/9
描述
In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.
受影響套件(4)
- Debian/exiv2from 0, < 0.25-4
- Debian/exiv2from 0, < 0.24-4.1+deb8u1
- Debian/exiv2from 0, < 0.24-4.1+deb8u2
- Debian/exiv2from 0, < 0.25-3.1+deb9u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |