Denial Of Service (DoS)

2018-12-1309:49:48

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.004

Percentile

73.7%

JSON

libexiv2.so is vulnerable to denial of service. An attacker is able to create a denial of service condition using malicious input to cause an infinite loop in the function Exiv2::Jp2Image::encodeJp2Header in jp2image.cpp.

References

access.redhat.com/errata/RHSA-2019:2101

github.com/Exiv2/exiv2/issues/590

github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206

lists.fedoraproject.org/archives/list/[email protected]/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/

EPSS

0.004

Percentile

73.7%

JSON

Related for VERACODE:8031