CVE-2020-18771
Summary
| CVE | CVE-2020-18771 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2021-08-23 22:15:00 UTC |
|---|
| Updated | 2023-12-22 10:15:00 UTC |
|---|
| Description | Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Operating System |
Debian |
Debian Linux |
10.0 |
All |
All |
All |
| Application |
Exiv2 |
Exiv2 |
0.27.99.0 |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] [DLA 3265-1] exiv2 security update |
MLIST |
lists.debian.org |
|
| one global-buffer-overread in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp · Issue #756 · Exiv2/exiv2 · GitHub |
MISC |
github.com |
|
| CWE -
CWE-126: Buffer Over-read (4.3) |
MISC |
cwe.mitre.org |
|
| Exiv2: Multiple Vulnerabilities (GLSA 202312-06) — Gentoo security |
|
security.gentoo.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181464 Debian Security Update for exiv2 (DLA 3265-1)
- 671041 EulerOS Security Update for exiv2 (EulerOS-SA-2021-2657)
- 671049 EulerOS Security Update for exiv2 (EulerOS-SA-2021-2628)
- 671264 EulerOS Security Update for exiv2 (EulerOS-SA-2022-1161)
- 710810 Gentoo Linux Exiv2 Multiple Vulnerabilities (GLSA 202312-06)
