VDB

CVE-2019-20421

CVE-2019-20421 PUBLISHED

In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.

EPSS 3.07% · 87.0th percentile

Risk Scores

EPSS Score
3.07%
87.0th percentile

Affected Products

VendorProductVersions
Ubuntu:16.04:LTSexiv20.25-2.1ubuntu16.04.3, 0.25-1ubuntu1, 0.25-2.1
Ubuntu:18.04:LTSexiv20.25-3.1ubuntu0.18.04.1, 0.25-3.1ubuntu0.18.04.3, 0.25-3.1ubuntu0.18.04.4

Timeline

  • Jan 27, 2020 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›