CVE-2018-20096

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
Configurations

Configuration 1

cpe:2.3:a:exiv2:exiv2:0.27:rc3:*:*:*:*:*:*

Information

Published : 2018-12-12 10:29

Updated : 2019-10-03 12:03


NVD link : CVE-2018-20096

Mitre link : CVE-2018-20096

Products Affected
No products.
CWE
CWE-125

Out-of-bounds Read