CVE-2026-40386
HIGH7.1EPSS 0.01%發布日:2026/4/12修改日:2026/5/16
也稱為:DEBIAN-CVE-2026-40386
描述
In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.
受影響套件(1)
- Debian/libexiffrom 0, < 0.6.22-3+deb11u1
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |