CVE-2018-20096

Published December 12th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECTS

Description

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.

Exiv2/exiv2

Image metadata library and tools

GitHub

1.14K

TeamSeri0us/pocs

GitHub