Vulnerability Details CVE-2018-10772
The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2018-10772
-
cpe:2.3:a:exiv2:exiv2:-
-
cpe:2.3:a:exiv2:exiv2:0.10
-
cpe:2.3:a:exiv2:exiv2:0.11
-
cpe:2.3:a:exiv2:exiv2:0.12
-
cpe:2.3:a:exiv2:exiv2:0.13
-
cpe:2.3:a:exiv2:exiv2:0.14
-
cpe:2.3:a:exiv2:exiv2:0.15
-
cpe:2.3:a:exiv2:exiv2:0.16
-
cpe:2.3:a:exiv2:exiv2:0.17
-
cpe:2.3:a:exiv2:exiv2:0.17.1
-
cpe:2.3:a:exiv2:exiv2:0.18
-
cpe:2.3:a:exiv2:exiv2:0.18.1
-
cpe:2.3:a:exiv2:exiv2:0.18.2
-
cpe:2.3:a:exiv2:exiv2:0.19
-
cpe:2.3:a:exiv2:exiv2:0.20
-
cpe:2.3:a:exiv2:exiv2:0.21
-
cpe:2.3:a:exiv2:exiv2:0.21.1
-
cpe:2.3:a:exiv2:exiv2:0.22
-
cpe:2.3:a:exiv2:exiv2:0.23
-
cpe:2.3:a:exiv2:exiv2:0.24
-
cpe:2.3:a:exiv2:exiv2:0.25
-
cpe:2.3:a:exiv2:exiv2:0.26
-
cpe:2.3:a:exiv2:exiv2:0.3
-
cpe:2.3:a:exiv2:exiv2:0.4
-
cpe:2.3:a:exiv2:exiv2:0.5
-
cpe:2.3:a:exiv2:exiv2:0.6
-
cpe:2.3:a:exiv2:exiv2:0.6.1
-
cpe:2.3:a:exiv2:exiv2:0.6.2
-
cpe:2.3:a:exiv2:exiv2:0.7
-
cpe:2.3:a:exiv2:exiv2:0.8
-
cpe:2.3:a:exiv2:exiv2:0.9
-
cpe:2.3:a:exiv2:exiv2:0.9.1