CVE-2020-18899

Published August 19th, 2021

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input.

Exiv2/exiv2

Image metadata library and tools

GitHub

1.14K